This tool follows the general rules and procedures for the processing of personal data, which are collected and processed in strict compliance and compliance with the provisions of personal data protection legislation in force at any given time, namely Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR), and the respective Implementing Law in the national legal order (Law 58/2019 of 8 August).
SmartAL processes your personal data for the purpose of managing the provision of services contracted with your health care provider, which is the entity responsible for the processing of Personal Data. SmartAL’s services allow you to collect, edit, add and store your health data online, enabling them to be shared with your authorized formal and informal caregivers. In the context of contracted services, our records may include one or more of the following personal data, only and restricted to the provision of SmartAL services:
- Administrative data: name, gender, age, business address, nationality, email, phone number, mobile number;
- Basic measurements: height, weight, BMI, blood pressure, pulse rate, glucose, SpO2, body temperature, step counter, ECG;
- Clinical information: Diseases, allergies, medication, tests, exams, diagnoses, calendar of medical appointments, other routine patient activities, clinical notes and comments on the patient, social survey responses, physical activities.
The tool will keep your personal data for the period necessary for its purposes and compliance with legal obligations.
The mobile application may use GoogleFit, by Google, for the reading of basic measurements and physical activity, in accordance with the stated purposes. App’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including Limited Use requirements. Likewise, the application may also use Google’s Health Connect, adhering to the similar Health Connect Permissions Policy, including the Limited Use requirements.
What information do we collect?
The purpose of this section lets you know what information we collect about you when you use our mobile application, how that information is used, and the ways in which we use the additional information you provide.
Below are the permissions we request in our smartphone and tablet app, and how the information is handled:
- Bluetooth and Location: SmartAL may use your Bluetooth and Location services to scan, find and connect to nearby authorized devices, in order to retrieve health information provided by them.
- Camera and Microphone: SmartAL may use your Camera and Microphone during video calls, if the user chooses to initiate them, or accept them. The Microphone may also be used to record your voice messages and send them to other SmartAL users in the app’s contact list.
- Storage (photos, media, and files): SmartAL may access your device’s storage to read files you choose to upload and share with other users in the app’s contact list, or with your caregiver. SmartAL may also write temporary files when you open a remote file sent to you, or when sending a voice message.
- Google Fit: If enabled, SmartAL may access your Google Fit account to synchronize activities, and retrieve health measurements.
- Health Connect: If enabled, SmartAL may access your Health Connect account to retrieve health measurements.
- Push Notifications: We may request to send you personal push notifications regarding your account or certain features of the application(s) such as: health alerts, task reminders, new features, etc. If you wish to opt out from receiving these types of communications, you may turn them off in your device’s settings.
Below are the permissions we request in our watch (Wear OS) app, and how the information is handled:
- Location: SmartAL uses Location services to collect your location through GPS, WiFi, or wireless network triangulation in order to obtain your location for the purposes of providing the SmartAL Service.
- Health: SmartAL uses Health services to retrieve your health measurements collected by the smartwatch.
The location and health information are both collected in the background, so that you don’t need to worry about interacting with the app, or remember to open the app. Once configured, the app runs automatically in the background, providing up-to-date alerts to the user’s caregivers.
How do we use the non-personally identifiable information we collect?
In addition to those uses set forth above, we use non-personally identifiable information in the aggregate to determine how much traffic the app receives, to statistically analyze app usage, to improve our content, and to customize the app’s content, layout and services.
We automatically collect device information (such as your model, and manufacturer), operating system, version information and system configuration information, device and application identification numbers, and Internet Protocol (IP) address (or proxy server). This information is primarily needed to maintain the security and operation of our application(s), for troubleshooting, and for our internal analytics and reporting purposes.
How do we keep your information secure?
Communications between the app and the server are protected with Secure Socket Layer (SSL) encryption. This encryption is to help protect your information while it is being transmitted. Once we receive your information we strive to maintain the physical and electronic security of your personal information using commercially reasonable efforts.
SmartAL’s profiles are restricted, and can only access what is strictly necessary. Only caregivers can access sensitive information (health and location) about patients, and they can only do so to patients that have been assigned to them.
We limit our employees’ access and ability to enter or view information based upon their role. Firewalls, passwords, encryption, and audit trails are further used to safeguard your information. We will identify the records released and note the time and date of access each time anyone accesses SmartAL.
When and with whom do we share your information?
The third parties we use are: Firebase Analytics and Firebase Push Notifications.
For how long do we keep your information?