Data&InsightsPrivacyNotice

Data & Insights aggregates anonymous health and operational data to produce insights for healthcare improvements, research and policy.

We de-identify data using techniques before sharing or analysis (e.g. pseudonymised data is not treated as personal data).

We are committed to using analysis and data tools to help improve care, privacy, and services for all patients. If a patient uses Data & Insights, they will be engaging with safer business and we will continue to perform assessment and progress to standardized. We individual potential can determine their own care, privacy and compliance at any time via registration.

We are not currently sharing Data & Insights results with authorized partners, but if we do, we commit to doing so only under strong contractual and technical safeguards (see "Sharing" below).

For privacy questions or to exercise your rights, contact dataprotection@vivafemini.org.

Personal data: information that can identify an individual (only for registration/consent/opt-out or if participate in a program).

Pseudonymised data: identifiers replaced with unique key codes used only for limited operations or research purposes under safe guards.

Anonymous / aggregated data: data processed so individuals cannot reasonably be identified. We treat properly anonymised data as non-personal data.

Improving health services and patient outcomes — lawful basis: legitimate interest / public interest where applicable.

Supporting public health surveillance and response — lawful basis: public interest / legitimate interest.

Enabling and supporting clinical and ethical research and drugs development efforts with appropriate safeguards — lawful basis: interest / consent where required.

Informing evidence-based policy programs and funding decisions — lawful basis: public interest / legitimate interest.

Optimizing product and platform integrity to improve VivaFemini services — lawful basis: legitimate interest.

Sending marketing or product communications — lawful basis: consent (see "Marketing & communications").

Users of VivaFemini products and services.

Information provided via forms and clinical workflows.

Publicly available sources (for benchmarks) where permitted.

When we engage partner clinics, physicians or practitioners in the future we will collect data from them only under strict data contracts after fair and effective appropriate due-diligence, consent and/or safeguards are in place.

We apply technical and organizational measures like aggregation (thresholds), suppression, hashing, masking/blurring, and use of noise and where appropriate differential privacy techniques to reduce the risk of re-identification.

Properly anonymised data is no longer personal data, and such, is not subject to re-identification risk. If identification data is required for legal reasons systems, we will rely on robust and strongest safeguards (including consent, DPIAs, and third party).

Public health authorities for surveillance and response.

Academic/research institutions and universities for approved studies.

Pharmaceutical and medical research organizations (under strict contracts and self-regulatory robust regimes).

Funders and donors for evaluation program impact.

Trusted health tech partners under strict tech and data protection safeguards.

Any sharing of pseudonymised or non-anonymous data will only occur where there is a lawful basis, appropriate safeguards (e.g. Data Processing Agreements), robust technical controls and where required, your consent. We will not sell your personal data.

We retain personal data only as long as necessary to meet the purposes set out here and to comply with legal obligations. Anonymised, aggregated datasets used for research and reporting may be retained longer.

If you request deletion, we will process your request against legal requirements and our retention needs and archive with applicable law.

We implement industry standard technical and organizational measures like encryption in transit and at rest, role-based access controls, secure development and testing, logging and monitoring, and multi-factor authentication.

Although no system is perfect, we are committed to reducing risks and responding quickly to incidents. If we learn of any risk to relevant rights or safety occurs, we will notify affected people and regulators as required by law.

Update your preferences in your VivaFemini account settings (where available) or

E-mail our Data Protection Officer at dataprotection@vivafemini.org with your unsubscribe request.

Accessing the personal data we hold about you.

Correcting inaccurate information.

Requesting deletion or restriction of processing.

Objecting to certain types of processing (including for direct marketing).

Requesting data portability where applicable.