Smart Blood Analytics

Smart Blood Analytics

Privacy Policy

1. Introduction

At SBAS, we collect, process, and store your Personal Data as you use our Tool and Services. Personal Data is information that can reasonably identify you, such as your name, email or date of birth, or it may be information that can reasonably be linked back to you.

This Privacy Policy describes our practices for collecting, processing, and storing your Personal Data, and the controls we provide you to manage it within our Services. In addition, we have a Cookie Policy that describes our use of browser cookies and similar tracking technologies.

Importantly, we do not collect, process, and store any Data Concerning Health which is not being anonymized and pursuant to which we cannot establish identification of an individual. By accepting the Terms and Conditions, you have explicitly agreed not to enter into the Tool any Personal Information, so that information entered into the Tool will at all times constitute Anonymized Information.

2. Definitions

Anonymized Information: any information that has been anonymized in a manner to result in the information no longer being able to reasonably identify an individual, whether directly or indirectly, and is therefore no longer considered as Personal Data.

Data Concerning Health: Personal Data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status, as defined in Article 4 of the GDPR.

FADP: Swiss Federal Act on Data Protection.

GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Personal Data: information that can be used to identify you, either alone or in combination with other information, as defined in Article 4 of the GDPR.

Services: SBAS’ products (including the Tool), software, services, and website (including but not limited to text, graphics, images, and other material and information) as accessed from time to time by the user, regardless if the use is in connection with an account or not.

SBAS: Smart Blood Analytics Swiss SA, whose principal place of business is at Höschgasse 25, CH-8008 Zürich, Switzerland.

Terms and Conditions: SBAS’ Terms and Conditions, available at SBAS website.

Tool: SBAS’ tool for the analysis of blood test results by way of advanced machine learning algorithms for medical use.

3. Sign Up Process and Your Engagement with Tool and Services

Personal Data required to start a Sign up process is only your email address and your date of birth. For successful creation of SBAS account and use of the Tool, additional Personal Data, such as your first and last name, your country of residence, and your medical institution may be required.

Sign up process also requires you to agree to the Terms and Conditions and this Privacy Policy by clicking “I accept the Terms and Conditions and the Privacy Policy” .

By clicking “Sign Up” you are telling us that you consent to SBAS collecting, processing, and storing your Personal Data as described in this Privacy Policy and in any other documents referenced in this Privacy Policy.

4. What Personal Data Does Smart Blood Analysis collect From You?

The table below describes the Personal Data we collect from you to provide the Tool and Services.

Data Category Use Description
Account Information • Email address
Additional User Information • Your first name • Your last name • Your country of residence and/or country of professional occupancy • Your medical institution or company • Your other Personal Data you voluntarily include
Credit Card/Payment Information • Payment information such as your billing and shipping address(es), when you purchase a payable Service from SBAS. Please note that any credit card information is processed by providers of payment services and not SBAS.
Your Communications • Information you provide in communications with SBAS.

5. What Information Does SBAS Collect Through Your Use of the Tool and Services?

Information category Use Description
Computer and Mobile Device Information Information about how you access our Tool and Services as defined in Cookie Policy.
Information from Cookies and similar technologies Cookies and similar technologies as described in our Cookie Policy. Please refer to our cookie policy to learn about our practices and the controls we provide you.
Information from your use of the Services Information about your use of the Tool and Services, such as when you access your profile and related activities.

6. How does SBAS use your Personal Data?

Data Category Use Description
Personal Data (generally) We use your Personal Data to provide, personalize, improve, update and expand our Tool and Services. This includes:
• Authenticating your access to the Tool and Services, and improving SBAS information security;
• Processing your payments for purchased Services;
• Conducting statistical research;
• Provide you the Tool and Services;
• Detecting and protecting against error, fraud, or other criminal or malicious activity and enforcing our Terms and Conditions.
Communications We use your Personal Data to communicate with you about the Tool and Services, such as when we:
• Respond to your inquiries to the Tool and Services;
• Inform you about activities and results related to your use of the Tool;
• Inform you of product changes or new products and services;
• Provide you with information or request action in response to technical, security, and other operational issues.

7. When Do We Share Your Personal Data and Who are the Recipients?

SBAS does not share your Personal Data with third parties without your additional consent other than as described in this Privacy Policy. The circumstances described below explain when sharing might occur:

People with whom your Personal Data may be shared / Circumstances in which sharing might occur Description
Service Providers We use other companies to help us provide the Tool and Services to you. As a result, these partner companies will have some of your Personal Data in their systems. Our partners are subject to contractual obligations governing data security and confidentiality consistent with this Privacy Policy and applicable laws.
Service Providers We use other companies to help us provide the Tool and Services to you. As a result, these partner companies will have some of your Personal Data in their systems. Our partners are subject to contractual obligations governing data security and confidentiality consistent with this Privacy Policy and applicable laws.
These processing partners include our:
• Payment processors
Please note that the above list is not final.
Legal or Regulatory Process We may share your Personal Data if we believe it is reasonably necessary to:
• Comply with valid legal process (e.g., subpoenas, warrants);
• Enforce or apply the SBAS Terms and Conditions;
• Protect the security or integrity of the Tool and Services; or
• Protect the rights, property, or safety, of SBAS, our employees or users.
If we are compelled to disclose your Personal Data to law enforcement, we will do our best to provide you with advance notice, unless we are prohibited under the law from doing so.

8. Your Choices and Access to Your Personal Data

Subject to certain exceptions, you have a right to request access to your Personal Data (along with information about the nature, processing and disclosure of your Personal Data), and to be provided with a copy of Personal Data you provided to SBAS, as well as to seek to update, delete or correct this information by using the tools on the website or by contacting SBAS.

You also have a right not to provide your Personal Data to us. Exercising this right may however result in SBAS not being able to provide you with the full benefits of our Services. Additionally, you have a right to object to processing of your Personal Data, request restriction of processing of Personal Data, and to lodge complaints with a competent protection authority regarding the processing of your Personal data by us or on our behalf.

9. What are SBAS retention practices?

Generally, SBAS retains Personal Data on our system until our users inform us of their desire to delete their data or close their accounts. In some cases, we choose to retain usage information (e.g., visits to sites) in a depersonalized or aggregated form. Once aggregated, this information ceases to be personal and will not be subject to SBAS user deletion requests.

10. How can I delete my Personal Data?

You can delete your Personal Data retained by SBAS by contacting us.

Please note that there may be some latency in deleting your Personal Data from our backup systems after it has been deleted from our systems. Also, our partners may retain certain information they receive from us in order to comply with laws or regulations that may require them to do so. SBAS may also retain certain information as reasonably necessary to comply with our legal obligations (including law enforcement requests), resolve disputes, maintain security, prevent fraud and abuse, as well as to comply with tax, payment industry, securities, and clinical regulatory compliance requirements.

11. Security

SBAS maintains a comprehensive information security program designed to protect our customers’ Personal Data using administrative, physical, and technical safeguards.

The specific security measures used are based on the sensitivity of the Personal Data collected. We have measures in place to protect against inappropriate access, loss, misuse, or alteration of Personal Data under our control. SBAS regularly reviews our security and privacy practices and enhances them as necessary to help ensure the integrity of our systems and your Personal Data.

We use latest standard security mechanisms while processing and storing Personal Data, and we only partner with security companies that meet and commit to our security standards. While we cannot guarantee that loss, misuse or alteration of data will not occur, we use reasonable efforts to prevent this.

It is also important for you to guard against unauthorized access to your Personal Data by maintaining strong passwords and protecting against the unauthorized use of your own computer or device.

12. Data transfer

Your information, including Personal Data, may be transferred to — and stored on — servers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that processing.

SBAS will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy, and that no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal data.

13. Changes to this Privacy Policy

We may modify this Privacy Policy at any time, but we will provide prominent advance notice of any material changes, such as posting a notice through the Tool, on our website, or by sending you an email, to provide you the opportunity to review the changes and choose whether to continue using the Services.

We will also notify you of non-material changes to this Privacy Policy as of their effective date by posting a notice through the Tool, on our website, or by sending you an email. Your continued use of our Services after notice of non-material changes means that you consent to the updated Privacy Policy.

14. Legal basis under FDAP and GDPR for processing of Personal Data

Where you have consented to data processing, your consent provides the legal basis to process your Personal Data. You have the right to withdraw consent at any time. Please note that your withdrawal of consent to collect and process your Personal Data will not affect the lawfulness of processing your Personal Data based on your consent before you withdrew your consent.

We may also process your Personal Data on the basis of contractual necessity to perform a contract we have with you. We do not process your credit card or other payment means information, since this is the responsibility of the payment service provider.

We may also process your Personal Data on the basis of our legitimate interests, including in providing and improving the Tool and Services. For example, SBAS has a legitimate interest in understanding your login history so we can assess your interaction with our Tool and Services. We use your Personal Data to keep our Tool and Services safe and secure and we do so as it necessary to pursue your and our legitimate interests in ensuring that our Services are secure, and to protect against fraud, spam and abuse.

Where we rely on legitimate interests to process your Personal Data, you have the right to object to such processing. You can use your Privacy Settings to control certain ways in which we process your data. You can also contact us, using the details below, to object to other forms of processing.

15. Identity and Contact Details

SBAS’ customers can reach us by submitting questions using email. Contact details can be found by using “Contact” button which can be found on our web page https://www.smartbloodanalytics.com.

In addition, you also have a right to lodge a complaint about how we handle your Personal Data with your relevant regulatory authority in terms of the applicable law that applies to you.

Regulatory Authority Contact details
The European Commission Online complaint procedure: https://ec.europa.eu/info/about-european-commission/contact/problems-and-complaints_en
Address: European Commission, Secretary-General
B-1049 Brussels, BELGIUM
Fax: 3222964335
The independent Data Protection Authority per Member State of the European Union Website listing all DPA's per member state: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
The Swiss Federal Data Protection and Information Commissioner, and cantonal and communal data protection commissioners Address of the Office of the Federal Data Protection and Information Commissioner FDPIC: Office of the Federal Data Protection and Information Commissioner FDPIC, Feldeggweg 1, CH - 3003 Berne, SWITZERLAND
Fax: +41 (0)58 465 99 96
Website listing cantonal and communal data protection commissioners: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/links/data-protection---switzerland.html

Effective Date: December 1, 2020

Smart Blood Analytics Swiss SA Höschgasse 25, CH-8008 ZÜRICH, Switzerland Contact Us
© 2021 SMART BLOOD ANALYTICS SWISS SA. ALL RIGHTS RESERVED
This website uses cookies to provide online services. By continuing to use this website you agree to the use of some cookies.
More about cookie settings