Ga naar de inhoud
Blog Podcast Kalender Over ons Werken bij
SDB Groep logo

Privacy and cookie statement Karify

 

Version 30-05-2024

1.             Privacy- en Cookieverklaring Karify

This statement describes the privacy and cookie policy regarding:

  • Data of users of Karify’s personal environment ‘https://my.karify.com’ (‘users’), processed by Karify
  • Data of users in Healthspaces provided by healthcare providers on https://[subdomain].karify.com, processed by Karify

 

2.             Identity

Karify is provided by Karify B.V. (“Karify”), a limited liability private company, located at Pythagoraslaan 101 (Dutch Chamber of Commerce number: 58658394) . You can reach Karify at questions@karify.com. Karify has appointed a security officer that you can reach by emailing security@karify.com.

 

3.             Processing data

3.1.        As data controller, as referred to in the General Data Protection Regulation (“GDPR”), Karify processes visitor data to:

  • Improve Karify’s service
  • To make visitor aware from time to time or new or changed Karify functionality, or to make visitor aware of new applications or developments that might be of interest to the visitor (unless the visitor has explicitly stated to not desire such notifications by emailing security@karify.com)
  • To gain insight into visitors
  • To improve the user experience of the websites
  • To provide personalized information, to improve or optimize treatments and possibly reduce spamming.
  • To do statistical analysis
  • To fulfill legal obligations

 

3.2.        As data processor, as referred to in the General Data Protection Regulation (“GDPR”), Karify processes user data to:

  • Fulfill the services of the subscription to Karify (providing personal data by the user is necessary for this)
  • Improve Karify’s service
  • To make the user aware from time to time or new or changed Karify functionality, or to make the user aware of new applications or developments that might be of interest to the user (unless the user has explicitly stated to not desire such notifications by emailing security@karify.com)
  • To gain insight into users
  • To improve the user experience of the websites
  • To provide personalized information, to improve or optimize treatments and possibly reduce spamming.
  • To do statistical analysis
  • To fulfill legal obligations

3.3.        When processing personal data from visitors or users, Karify does on a legal basis as referred to in the GDPR. The legal basis can be:

  • User permission
  • In order to fulfill the contract between user and Karify, or healthcare provider and Karify
  • To fulfill any legal requirements Karify is subject to
  • To protect vital interests of user, visitor or other natural persons or users
  • To protect the legitimate interest of Karify or a third party.

3.4.        When the public websites are visited, the browser type, browser language, and IP-address as well as information regarding the operating system and device of the visitor is registered. The time of the visit and the specific elements of the website visited are also registered. This is described in more detail in article 10.

3.5.       From time to time, Karify may ask permission to process data not described in this document

3.6.       Karify shall not sell personal data to third parties.

4.           Visitors and users younger than 16 years of age

If a user or visitor is younger than 16 years of age, the user or visitor may only provide their data to Karify with permission of their parents or persons with parental authority.

5.           Sharing personal data with third parties

5.1.        The user can share (parts of) their health data in their personal environment with healthcare providers. Users will at all times be able to see with whom they have a connection. For some transfers of data, Karify will have to request permission of the user or visitor. Karify may be legally obliged to issue personal data to for example the national tax services, police or a legal supervisor.

5.2.        When Karify users sub data processors for personal data, Karify will hold them to a data processor agreement subject to the GDPR.

6.           International transfer of personal data

6.1.        Karify processes users’ and visitors’ data only within the European Union, by only keeping this data in data centers located in the European Union.

6.2.        De GDPR applies to all countries in the EU. When Karify uses sub data processors, Karify demands they store data within the EU. In the case this is not possible, Karify will take necessary measures to provide an appropriate level of security for the protection of the data.

7.             Security

7.1.        Karify takes appropriate technological and organizational measures to prevent the loss of personal data or illegitimate processing of personal data.

7.2.        Karify is only accessible via the HTTPS-protocol, ensured by SSL-certificates with 256-bit encryption. This means that all communication from and to the Karify servers is encrypted and that users are ensured of a direct connection to the Karify servers. The Karify network and data center are ISO27001 and NEN5710 certified.

7.3.        Access to Karify-data is closed to the outside, through firewalls and principles like whitelisting and security by design. Additionally, active monitoring and logging is standard procedure, in order to act upon undesired activity in the network.

7.4.        For more information contact Karify Security Officer at security@karify.com

8.             Links to other websites

8.1. Karify or Karify’s websites may contain links to third party websites. Their respective privacy statements apply to data processing. Karify is not responsible for the content on third-party website and their data processing.

9.           Users’ and visitors’ rights

9.1. Where Karify is the data controller, users and visitors have the right to:

  • Request Karify to delete their personal data
  • Request Karify to rectify their personal data
  • Request Karify to restrict the processing of their personal data
  • Object to Karify’s processing their personal data
  • The right of data portability

9.2. Users and visitors can assert any of the above rights by sending a request to security@karify.com. All requests will be handled in compliance with the GDPR.

9.3. In case Karify processes data based on consent, a user may at all times withdraw this consent by emailing a request to security@karify.com

9.4. Users and visitors have the right to file a complaint with the supervising authority.

9.5. When Karify asks for information from a visitor or user, Karify will state which of the requested information is optional. When the user or visitor does not supply the requested information, it might be impossible for Karify to fulfill a request or service.

9.6. Karify maintains the right to refuse any request of a user or visitor if this person cannot prove his/her identity and/or an exception to the GDPR applies. In such a case, Karify will notify the respective user or visitor.

10.          Cookies

10.1. The public websites and apps of Karify save information and gain access to visitors’ device in the form of cookies (“cookies”). Karify users tracking cookies to gain insight into visitors’ behavior on public websites. For this, we use Google Analytics.

10.2. Upon the initial visit to Karify’s public websites, the visitor will be informed of the use of these cookies and prompted to accept them. By proceeding to use the website, the visitor accepts these cookies as described in this article.

10.3. Other cookies are used to enable the communication with visitor or user, that are necessary to provide Karify’s service (session cookies or statistical cookies). No prior consent is necessary for these cookies.

10.4. Users or visitors may refuse these cookies via their browsers by blocking cookies are removing cookies. Blocking or removing certain cookies might cause certain parts of Karify not to work or have reduced functionality.

11.          Data retention period

11.1. Data, as referred to in Article 3.1, is kept for a maximum of fourteen months after their respective visit. Data, as referred to in Article 3.2, will be kept until the subscription is ended or a request has been filed to delete the account. When you request for your account to be deleted, we will complete this within the legally required period.

12.       Questions regarding Privacy

12.1. Questions regarding privacy may be addressed to Karify’s management via mail or via email at security@karify.com

13.          Changes to this policy

13.1. This privacy declaration may be changed by Karify from time to time.

Wil je meer informatie?

Laat je gegevens achter en we nemen contact met je op

Hidden
Dit veld is bedoeld voor validatiedoeleinden en moet niet worden gewijzigd.