This privacy notice applies to the Personal Data processed in connection with BigMedilytics Prostate Cancer pilot (the “Initiative”).
Last update: 2018-DEC-19
Who are the data controllers?
Stockholm Läns Landsting (“Karolinska”)
SE-171 77 Stockholm, Sweden
Contact our Data Protection Officer via the following email address: Dataskyddsombud.email@example.com
Philips Electronics Nederland B.V. ("Philips")
Boschdijk 525, 5621JG, Eindhoven, The Netherlands
Contact our Data Protection Officer via our contact form.
What Personal Data are collected; Why are these Personal Data collected? With whom are Personal Data shared? How long will the Personal Data be kept?
To protect your privacy, all directly identifying data (example: name, medical record number, contact details) will be separated from the research data (such as measurement data) and replaced by a participant code. On all study-specific documents, you will be referred to by a participant code, not by name. Philips will only receive the research data.
Your participation in and any information you provide in relation to this initiative is confidential. Records identifying you will be kept confidential to the extent allowed by the law.
In addition to the information above, the following people might have access to records directly identifying you:
- Individuals performing the study;
- Individuals who have a business need to access your Personal Data;
Results may be published without disclosing your identity.
What is the purpose and legal basis of the processing?
For scientific research purposes, we will process your data for the following purpose:
- There are two aims in this project. The first aim is to assess the potential benefits of our software prototype that enables comprehensive representation of the relevant data needed for primary decision making in prostate cancer care. Potential benefits are measures in terms of both clinically parameters (improvement in patient outcome) and workflow efficiency and quality. The second aim is to create predictive algorithms that may support the decision making process to improve patient outcomes.
Insofar as we have a legitimate interest, we may process your data for the following purposes:
- For data analysis, for example, to improve the efficiency of the Initiative;
- For developing new products and services
- To aggregate and/or anonymize Personal Data, so that it will no longer be considered Personal Data. We can do so to generate other data for our use, which we may use and disclose for any purpose;
- For fraud and security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft;
- To enforce our terms and conditions and to protect our rights, privacy, safety or property of our affiliates, you or others.
To comply with legal obligations Philips may process or disclose your data for the following purposes:
- For audits, to verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements;
- To comply with applicable law - this can include laws outside of your country of residence;
- To respond to requests from public and government authorities, these can include authorities outside your country of residence;
- To cooperate with law enforcement, for example law enforcement requests and orders;
- We may also process or disclose your data to protect your or someone else's vital interests.
With whom do we share your Personal Data?
We may disclose your Personal Data:
- Our affiliates or subsidiaries for the purposes in this privacy notice. Affiliates all process data under the same set of Binding Corporate Rules (www.philips.com/privacy);
- To our third party service providers who provide services such as website hosting, data analysis, payment processing, order fulfilment, information technology and related infrastructure provision, customer service, email delivery, auditing and other services;
We seek to use reasonable organizational, technical and administrative measures to protect personal data within our organization. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “How can you contact us?” section below.
What are your rights?
If you would like to:
- Ask questions about how we handle personal data;
- Request to review, correct, update, suppress or restrict the use of your personal data;
- Request that your personal data be removed;
- Withdraw your consent (Only possible if the processing is based on your consent. It will not affect the lawfulness of processing based on your consent before the withdrawal);
- Object to our use of your personal data for our legitimate business interests;
- Request to receive an electronic copy of your personal data for purposes of transmitting it to another company (to the extend this right to data portability is provided to you by applicable law), please contact us via the details provided under the “How can you contact us?” section below. We will respond to your request consistent with applicable law.
In your request, please make clear what personal data you would like to have changed, whether you would like to have your personal data suppressed, or otherwise let us know what limitations you would like to put on our use of your personal data. For your protection, we only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
Please note that we need to retain certain information for recordkeeping purposes (e.g., there could be legal obligations to retain certain information, if so, you are not be able to change or delete the personal data provided until after the retention period in that respect has passed).
Updates to this Privacy Notice
We may change this privacy notice. The “Last update” legend at the top of this privacy notice indicates when it was last revised. Any changes will become effective when the revised privacy notice is made available (online if it was already online, otherwise mail or email). If the change to this privacy notice is indicative of a fundamental change to the nature of the processing (e.g. enlargement of the categories of recipients or introduction of transfers to third countries) or a change that may be relevant to and impact upon you, then we will inform you in advance of the change taking effect in an explicit and effective way.
How can you contact us?
If you have any questions about this privacy notice or about the way Karolinska University Hospital uses your personal data, please contact our Data Protection Officer via the following email address: Dataskyddsombud.firstname.lastname@example.org
If you have any questions about this privacy notice or about the way Philips uses your personal data, please contact our Data Protection Officer via our contact form
(https://www.philips.com/contactprivacy) or at
Philips Center HBT 16
Attn.: Data Protection Officer
P.O. Box 77900, 1070 MX
Amsterdam, The Netherlands
Alternatively, you have the right to lodge a complaint with a data protection authority for your country or region, or where an alleged infringement of applicable data protection law occurs.