Privacy policy

PRIVACY STATEMENT REMEDUS

 

  1. Introductions

Remedus BV values privacy and is therefore committed to protecting the personal data of all its stakeholders. This Privacy Statement gives an overview of the importance we attach to your privacy and the protection of your personal data within the framework of the European Regulation 2016/679 of 27 April 2016 on Data Protection (GDPR), medical secrecy and the Belgian Act of 22 August 2002 on Patients’ Rights, how we work, who our trusted partners are, what your rights are and what our obligations are.

 

  1. Who processes your personal data?

Remedus BV (hereafter ‘we’), based at 2630 Aartselaar, Boomsesteenweg 44 with company number BE 0456.716.679 is the Data controller of your personal data. This means that we determine how and for what purposes your personal data are processed.

 

  1. Which personal data is being processed by us?

We process personal data of different categories of data subjects such as visitors to our website, our partners and any job applicants.

 

  • Personal data of visitors of our website such as patients, healthcare providers and partners
  • Identification data such as your name and surname;
  • Contact details such as your e-mail address and phone number.

 

  • Personal data of job applicants
  • Identification data such as your name and surname;
  • Contact details such as your e-mail address and phone number.
  • CV;
  • Motivation letter.

 

  • Cookies

When you visit our website(s), certain non-essential cookies may be installed on your end device with your consent. For more information on cookies, please find all information in our Cookie Policy.

 

  1. For which purposes do we process your personal data?

We will only process your personal data for the purposes listed below. If we would like to carry out new processing with regard to your personal data and you would not reasonably expect us to do so as a healthcare provider, we will always ask for your prior informed consent.

 

  • To be able to contact you in the event of a contact request.
  • In the context of recruitment and job applications.

 

We regard your personal data as confidential and undertake to process it only in a way that is compatible with the purposes for which it was originally collected.

 

  1. With whom can we share your personal data?

Internally, your personal data is processed by our employees on a need-to-know basis. This means that only those people who really need to have access to your personal data to help you in the best possible way, have access to it.

Externally, your personal data will also only be processed by third parties when this is strictly necessary to fulfil the following purposes:

  • To assist us in the purposes listed in point 4;
  • To fulfil our legal obligations.

We have signed data processing agreements with these third parties to guarantee that they, like us, process your personal data with the utmost respect and security.

 

  1. Processing outside of the European Economic Area (‘EEA’)

Your personal data will only be processed and stored by us and our partners within the EEA. Under no circumstances will your personal data leave the EEA.

 

  1. Retention of your personal data

We will retain your personal data for no longer than is strictly necessary for the fulfilment of the purposes for which we received it, or for the performance of a contract or for complying with a legal obligation. Our retention periods vary according to the nature of the processing in question and the purpose for which your personal data was collected.

In all cases, personal data may be retained for longer periods if there is a legal or regulatory reason to do so, or for a shorter period if you object to the processing of your personal data and there is no longer a legitimate reason to retain it.

 

  1. Security of your personal data

To protect your personal data, we take appropriate technical and organisational measures to protect it as best as possible against loss, accidental changes, unauthorised access, or misuse. These measures include physical and operational security measures, access control to our IT systems, awareness-raising of our staff and confidentiality clauses of both internal and external employees.

The same level of security is also imposed on our processors.

 

  1. Which rights do you have and how can you exercise them?

For all your questions regarding your personal data or to exercise your rights as mentioned above, please contact our Data Protection Officer (‘DPO’). You can do this by sending a dated and signed request, together with a one-sided (verso) copy of your identity card by post to Remedus, Boomsesteenweg 44, 2630 Aartselaar or by e-mail to dpo@remedus.be. We commit to respond to your request within one (1) month of receipt.

  • Right of access

You have the right to request access to your personal data at any time, and to request a copy of the personal data we collect about you.

  • Right to rectification

You always have the right to have inaccurate personal data corrected or incomplete personal data completed.

  • Right to erasure

You can ask to have your personal data deleted from our systems.

The request to delete your personal data cannot always be granted due to contractual or legal obligations. We will take these obligations into account when responding to your request.

  • Right to object

You have the right to object to the processing of your personal data if the processing is based on one of our legitimate interests or is in the public interest. We will then cease this processing unless we can prove that there are more compelling legitimate grounds for further processing or for the protection of our rights in the context of legal disputes.

  • Right to withdraw your consent

For the processing of your personal data that we have collected with your consent, you may withdraw your consent at any time. However, withdrawing your consent does not apply to processing carried out by us before that withdrawal.

  • Right to restrict processing

In certain cases, you have the right to obtain the restriction of the processing of your personal data. We will continue to store your data, but we will limit its use. For example, you can make this request if you believe that your personal data is incorrect or if the processing by us is not justified. We only have to fulfil these requests in specific cases, as provided by the law.

  • Right to data portability

You have the right to obtain your personal data processed by us in a structured, commonly used and machine-readable format and/or to have that data transferred to another controller.

  • Right to lodge a complaint

If at any time you believe that we have breached your privacy, you have the right to file a complaint with the Belgian Data Protection Authority: Gegevensbeschermings-autoriteit, Drukpersstraat 35, 1000 Brussel, Tel +32 (0) 2 274 48 00, e-mail: contact@apd-gba.be.

 

  1. Personal Data breaches

In the event that you discover or suspect a Personal Data breach, you can notify us using the same contact details as mentioned in section 9 of this privacy declaration, namely: by post to Remedus, Boomsesteenweg 44, 2630 Aartselaar or by e-mail to dpo@remedus.be.

 

  1. Modification of this privacy statement

We can modify this privacy statement at any time by publishing an adapted version on the website or mobile application. It is recommended that you consult this privacy statement regularly. In case of major changes, Remedus will take the necessary steps to explicitly communicate these changes to you. The privacy statement published on our website or application is always the most recent one.