Pursuant to the Personal Data Act § 19 provides SmartCare AS («SmartCare») with the following information in connection with the collection of sensitive information from those individuals who have entered into agreement with SmartCare and registered as users / licensees (hereinafter “The User “) of the application «DiabetesGuard».
- Responsibility: The Personal Data Act: SmartCare AS
att/ General Manager
Org. no. 997 073 916
SmartCare has entered into data processing agreement with the companies Windows Azure Trust Center and Falck.
- The purpose of the processing of data is that SmartCare always has an overview of information about users who use the application «DiabetesGuard», information registered in The User’s health record and given Guardians and other contacts, are used to:
- Identify and contact The User, given Guardians and other contacts.
- Assists the patient in the best possible way with advice, assistance in their own country or assistance while traveling.
- Collect payment from The User.
- Finance the product by marketing from SmartCare or third parties to The User, given Guardians and other contacts.
- Make sure Guardians and others who are alerted receive the accurate information about who The User of the service is, and to give the correct information about The User.
- Inform The User, given Guardians and other contacts of relevant information about The Service and possible future services and its content.
- The Following information will be collected about The User, given Guardians, and other contacts:
- The User’s Full Name
- Mobile Phone Number
- The User’s Phone Type
- E-mail address
- Name and phone number of The User’s Guardians
- The User’s GPS position
- The User can register the following information on the health card themselves:
- The User’s Date of Birth, Address and Date of Diagnosis
- The User’s Diabetes type and other relevant information about The User’s diabetes
- The User’s Medicines/equipment, and doses
- Other relevant useful information about The User’s diabetes
- Other relevant useful information or appointments with The User’s own professional dependents (For example In-Home Nursing Service)
- Insurance Card
- Information collected and processed will be provided by The User themselves in association with the registration of the application DiabetesGuard, completion of health records and by SmartCare enabling their server. Recipient of the information is SmartCare and the data processor (DT) Windows Azure Trust Center.
- In the subscription that includes Falck’s services, Falck will, if an alarm is triggered or by The User calling the counseling phone, be the recipient of information about The User that is necessary to safeguard The User. Falck will, when necessary, assist The User to get adequate health care, convey information about The User to third parties.
- The information collected and processed will be deleted when the agreement between SmartCare and The User ends.
- If one enters The Agreement on the use of the application DiabetesGuard, it is a prerequisite for the agreement that The User give up personal information referred to in paragraph 3. It is thus not voluntary whether The User wants to give away this information to SmartCare.
- If one enters a subscription that includes Falck’s services, it’s encouraged to fill in the relevant information on the health card as mentioned in paragraph 4 so that Falck will be able to assist with the best possible assistance to The User.
- It is the User’s responsibility to ensure that all information recorded on the health card is correct, true and updated.
- The User is entitled to full transparency about what information SmartCare processes about The User.
See Personal Data Act § 18. The User may demand that specific information that is incorrect/incomplete to be corrected. You may for this purpose contact SmartCare.
- Through data processing agreements, SmartCare implemented measures to ensure that personal information about The User isn’t left for others beyond what is stated in the Terms and Conditions of this declaration.
Specifically, it is implemented the following measures;
- Physical security of data centers where network infrastructure, storage systems and servers are located.
- Protection against unauthorized access via the network (firewall services).
- Remote operation is ensured by encrypted network connections.
- Only personnel who have the need for access to servers and network to undertake the delivery/maintain the service, may have access.
- Access to authorized personnel based on individual user name and password.
- Data backup in accordance with the agreed extent and frequency.
Effective date: Aug 3, 2016