PRIVACY STATEMENT

In this statement we want to inform you of our privacy, cookie and the security policy of Fysiologic ECG Services B.V.

CONTACT DETAILS

Herikerbergweg 179 Unit 8.01
1101CN Amsterdam
COC-number: 30233734.
Website: www.fysiologic.nl

GENERAL

During the processing of personal data we comply with the privacy legislation. This implies that we:

PURPOSES OF THE DATA PROCESSING

Fysiologic processes personal data when our services are being used and/or when you personally make them available to us. Fysiologic only processes personal data when consent has been given between our services, visit to our website or another purpose.

Per specific purpose it is indicated below in this statement what data we obtain from you, for what purpose, and on the basis of what foundation we process these personal data, and how long they are retained.

If you have questions or if you want to know exactly what data we keep about you then contact us via the information at the bottom of this privacy statement.

AUTOMATED DECISION-MAKING

Fysiologic does not reach decisions on the basis of automated processing on matters that may have (considerable) consequences for persons.

1. THE SUPPLY OF OUR SERVICES

After consent or for the implementation of an agreement, we supply our services and expertise. To this end, we process the following personal data: Special personal data are processed of the patient or person related to the registration of the electrocardiogram (ECG). These data are required for the review of the ECG report, e.g.: We use these data to be able to implement the agreement that we conclude with you and to maintain the relationships that derive from the same. We retain these data during the term of the agreement. Some data we retain longer, if we are held to do so (for instance due to the tax retention period of seven year).

We only process the special (medical) data required for the ECG functional analysis on instruction (the data cannot be traced back to individual persons). We do not retain the said medical data longer than 3 months, unless stipulated otherwise with the controller (client). For training purposes ECG data can be retained longer, however, as the occasion arises, the said data shall no longer be traceable to an individual person.

Rights of patients

We only process the special (medical) data for the ECG functional analysis on instruction (the data are not traceable to individual persons). We do not retain the said medical data longer than 3 months, unless stipulated otherwise with the controller (client). For training purposes ECG data can be retained longer, however, as the occasion arises, the said data shall no longer be traceable to an individual person.

2. PLACING AND HANDLING OF ORDER

You can place an order via our website. When you place an order with us, you leave behind certain data. We need those data to handle the order. To this end, we process the following personal data: We use these data to be able to implement the agreement that we conclude with you. We retain these data until your order has been completed. Some data we retain longer, if we are held to do so by law (for instance due to the tax retention period of seven year).

3. ECG ACADEMY

Fysiologic provides training sessions, courses, and webinars via the Fysiologic ECG Academy. Via our website you can enrol in these training sessions, courses, and webinars.

To this end, we process the following personal data: We need these data to send you the training material and practical information, to issue a certificate of participation, to invoice, and potentially to arrange for the lunch on location. We retain these data until you have completed the training session, course, or webinar and the payment has been made. Some data we retain longer, if we are held to do so by law (for instance due to the tax retention period of seven year).
We usually provide training at a training location. For our training courses, both the public courses and the courses within the training, we also use an online learning environment. To this end, we create an account for you in our online learning environment. This account is retained for one year, in case of an individual training, 1.5 years in case of a one-year training course, and 1 year in case of a training course of less than one year. This is calculated from the start date of the course respectively the training date of an individual training.

To safeguard that participants in the full course who can (partly) not be present can still watch the course, we record the majority of the courses within trainings. This also falls under the implementation of the agreement. In case of courses within a training programme, the recordings are retained as long as we deem this to be required.

The recordings are posted in our online learning environment, which is only accessible to participants in the full training course. In case of participation in a training course that is being recorded during the course of which we record personal data, we do this on the basis of our justified interest, namely the interest in implementing the agreement with the participants in the training programme (as described above). If you, as an individual participant, object to this then you can communicate this at the start of the training or via the contact details via the website.

4. ANONYMISATION

We can anonymise personal data that we obtain through the use of the website. This implies that the personal data originally obtained by us are rendered anonymous to such degree that the data subject can no longer be identified on the basis of the said data. Hence, the data are no longer personal data and privacy risks are consequently no longer associated with them.

We have a justified interest in the anonymisation of data. Namely, by means of the said anonymised data, we can conduct statistical research and improve our website.

5. CONTACT

We offer various possibilities to contact us. This can be done by telephone, but also by email and the contact form. To this end, we process the following personal data: We use these data to properly handle your request to contact you and to implement the relevant agreement with you. We retain these data until we believe that you are satisfied with our reaction.

6. RECRUITMENT AND SELECTION

For the recruitment and selection of potential candidates, it is necessary that we process personal data.

To this end, we process the following personal data: We process these personal data for recruitment, selection, and the assessment of potential candidates. We process your personal data on the basis of our justified interest, namely the filling of vacancies. This always regards data that you personally disclose or make available to us. In addition, this may also be of interest to you in the context of interesting job offers. We process your data if we are of the opinion that you are a suitable candidate. We also request your prior consent for this.

If you do not enter into our employ after conclusion of the application procedure then we retain the data no longer than six weeks after conclusion of the procedure. This way, we can still approach you if the previous candidate, on further consideration, does not appear to be suitable. If you gave con sent for retaining your data longer then we retain your data for at most one year after conclusion of the application procedure.

7. APPLYING FOR A JOB WITH US

Did you react to one of our vacancies or did you send an unsolicited application? Then we process your personal data in order to be able to handle your application. To this end, we process the fol lowing personal data:
We use these data for the preparation of the potential conclusion of an employment agreement. If you do not enter into the employ of Fysiologic after conclusion of the application procedure then we do not retain the application data longer than four weeks (without permission) after conclusion of the procedure. This way, we can still approach you if the previous candidate, on further consider action, does not appear to be suitable. If we cannot offer you a position at the moment then we can - with your consent - retain your application data for at most one year after conclusion of the application procedure. You can revoke your consent at any time by sending us an email. If you enter into our employ then we retain your application data in the personnel file.

In the event that social media and internet screening is required or justified during the application procedure, this shall be indicated in the vacancy text or you shall, as a candidate, be informed in advance. We can use retrieved information during the application procedure for further assessment. To this end, we conduct a Google search on your name, and potential profile on various social media. The latter, obviously, to the extent that the said profiles are public; we shall not request you to provide us access to a protected social media page or to connect with us. It goes without saying that the findings shall always be discussed with you. We do not dismiss people merely on the basis of the screening results. If you object to the screening then you can indicate this by email at the moment that you apply.

If we require assistance from external HR consultants with regard to your application then it may be that we forward your data to them. It may also be that we forward your application to other under takings related to Fysiologic ECG Services B.V., if your application bears relevance to them.

8. WHEN CAN WE SHARE YOUR PERSONAL DATA WITH THIRD PARTIES?

Fysiologic only shares your data with third parties, if this is permitted on the basis of the present legislation. It may occur that we make your personal data available to third parties because: If we make your data available to third parties then we ensure (inter alia via an agreement) that your data are not used for other purposes. In it we also agree that your data are erased as soon as they are no longer required. The parties that process personal data under our or your authority are:
To be able to supply our services, Fysiologic can make your personal data available to parties that are established outside the European Economic Area (EEA). Fysiologic only does this if there is question of an appropriate level of protection for the processing of personal data. This implies, for instance, that we use a model agreement of the European Commission or agree on arrangements about the handling of personal data.

9. SECURITY

Fysiologic takes the protection of your data seriously and implemented appropriate security measures to limit abuse of, and unauthorized access to, your personal data. We ensure that only the necessary persons have access to your data, that the access to your personal data is protected, and that our security measures are checked regularly. We take, inter alia, the following security measures:

10. RECAPTCHA

We use the reCAPTCHA service of Google Inc. (Google) to protect our website against spam and abuse. To make sure that Google reCAPTCHA works, the IP address of a website visitor, the mouse movements, and potential other data as well as collected. To this end the information is sent to and processed by Google. By analysing this information, Google can determine whether we are dealing with an actual website visitor or a robot. For more information we refer you to the privacy statement of Google.

11. USE OF COOKIES

We use our own cookies and cookies of third parties on our website. A cookie is a simple, small file that is sent with our website(s) and that is stored on the hard disk of you computer or other device by your browser. The information stored in it can, in case of a subsequent visit, again be sent to our servers or that of the relevant third parties. It also allows us to optimise our website(s).

You can opt out of cookies by setting your internet browser to block cookies or by activating the 'Do Not Track' option (DNT). In addition, you can also delete all the information that has previously been stored via the settings of your browser. We, and third parties, use various types of cookies: When you visit our website for the first time, we show a notification with explanation of the various cookies that can be installed and the relevant purpose. In this respect we shall, in so far as we are held to do so, request for your consent for the use of all or certain types (functional, statistics and/ or marketing) of cookies.

Activation and deactivation of cookies

In your web browser you can configure that the installation of cookies is only accepted when you consent to it. For more information about this, consult the manual of your browser. Please note: many website do not work optimally if the cookies are deactivated.

Deletion of cookies

Most of the cookies have an expiry date. If an expiry date has been set then the cookie is deleted automatically when the expiry date lapses. You can also decide to delete the cookies manually, before the expiry date has lapsed. Consult the manual of your browser for this.

12. RIGHTS OF DATA SUBJECTS

You are entitled to the following rights:
If you want to exercise one of these rights then we may request you to provide proof of your identity. We ask information for this in order to be certain that you are the correct person to whom the personal data belong.

We shall basically comply with your request within one month. However, this period can be extended by two months for reasons that are related to the specific privacy rights or the complexity of the request. If we extend this period then we shall inform you within the first month.

If you want to exercise one of your rights then you inform us of this by contacting us via the contact information at the bottom of this privacy statement.

13. SUBMIT A COMPLAINT

If you have questions, or if you want to submit a complaint, about the use of your personal data then you can contact us via the contact information at the bottom of this privacy and cookie statement. We handle each and every question and complaint internally and communicate further with you about it. However, if you feel that we cannot assist you in the correct manner then you can contact the Dutch Data Protection Authority to submit a complaint.

14. CHANGES IN THIS PRIVACY STATEMENT

Fysiologic is entitled to make changes in this privacy statement. Changes shall be posted on the website of Fysiologic. Hence, regularly check this privacy statement so that you are informed of potential changes.

The present privacy statement was updated last on May, 31th, 2023.

CONTACT

If you have questions, require additional information, or want to report something about a data or security breach, or that there are indications of abuse, then please feel free to contact the Data Protection Officer(DPO) of Fysiologic. The DPO can be reached by telephone on +31 88 045 06 00 or via the email address privacy@fysiologic.nl.

If you cannot agree with how we handle personal data after your complaint, then you are entitled to submit a privacy complaint to the Dutch Personal Data Authority. (https://autoriteitpersoonsgegevens.nl).