Sention Health
Privacy Policy

Valid from January 1st, 2024
Version 1.2

Introduction

This privacy policy describes how Sention Health AB ("Sention", "we" or "us") with organization number 559425–1000 and postal address KIVRA 559425–1000, 106 31 Stockholm, processes your personal data in our mobile and web apps ("the Application/s") and related technical systems ("the System/s").

As a user of our Application, we encourage you to read this privacy policy carefully before using the Application to better understand how we process your personal data. Your explicit consent to the processing of your personal data, particularly health-related data, is a prerequisite for using certain parts of the Application.

Your privacy is important to us and we take it very seriously. We protect your personal data and ensure that our processing of it is done correctly and legally. In this Privacy Policy, we explain what types of personal data we may process, for what purpose we process them, and what choices and rights you have in relation to the processing.

Data Controller and Data Protection Officer

Sention Health AB is the data controller for the personal data processed in the Application. We have appointed a Data Protection Officer (DPO) to oversee our data protection strategy and compliance. You can contact our DPO at:

Email: dpo@sention.health
Address: Sention Health AB, KIVRA 559425-1000, 106 31 Stockholm, Sweden

Types of Personal Data We Process

We collect and process the following categories of personal data:

  • Basic information: Name, personal identification number, email, mobile number,

  • Account information: Login credentials,

  • Health data: Information you provide about your health, including subjective assessments and ratings,

  • Device data: Information from integrated smart devices and medical technology,

  • Communication data: Records of your communication with our team and licensed healthcare professionals.

How We Collect Your Personal Data

We collect Personal Data from:

  1. You directly, through the information you provide in the Application,

  2. Your integrated smart devices and medical technology,

  3. Communication with our licensed team,

  4. Support interactions and other communication regarding the Application.

Purposes of Processing and Legal Basis

We process your personal data for the following purposes:

a. Administration of user account Legal basis: Necessary for the performance of a contract (Article 6(1)(b) GDPR)

b. Provision of health services and interventions Legal basis: Explicit consent (Article 9(2)(a) GDPR) and for the purposes of preventive or occupational medicine, medical diagnosis, the provision of health or social care or treatment (Article 9(2)(h) GDPR)

c. Compliance monitoring of health programs Legal basis: Explicit consent (Article 9(2)(a) GDPR)

d. Communication regarding the Application and support Legal basis: Legitimate interests (Article 6(1)(f) GDPR)

Data Processing Methods

Algorithmic Processing for Clinical Decision Support

We use advanced algorithms to process your health data in order to support more qualified clinical decision-making. These algorithms analyse patterns in your health data, compare them with medical knowledge bases, and generate insights that can assist healthcare professionals in making more informed decisions about your care.

Key points about our algorithmic processing:

  • Purpose: To enhance the quality of healthcare decisions and personalise your care plan.

  • Data used: Health data you provide, data from integrated devices, and your interaction data within the Application.

  • Output: The algorithms generate recommendations and insights, but final clinical decisions are always made by qualified healthcare professionals.

  • Safeguards: We regularly audit our algorithms for accuracy and potential biases. All algorithmic outputs are reviewed by healthcare professionals before being used in your care.

Manual Processing

In addition to algorithmic processing, your data may be manually reviewed and analysed by our licensed healthcare professionals as part of providing our health services and interventions.

Data Retention Periods

We retain your personal data for the following periods:

  • Account information: 1 year after your last activity in the Application,

  • Health data and individual responses: Until you request account termination or we cease to provide the Application to you,

  • Aggregated, anonymised data: Indefinitely.

Data Sharing and International Transfers

We do not sell your personal data. We may share your data with:

  • Our employees and licensed healthcare professionals who need access to provide our services

  • Sub-processors who assist in operating our Application (list available upon request)

All our data processing occurs within the EU/EEA. We do not transfer your personal data outside the EU/EEA.

Your Rights

Under the GDPR, you have the following rights:

  • Right to access

  • Right to rectification

  • Right to erasure ('right to be forgotten')

  • Right to restrict processing

  • Right to data portability

  • Right to object to processing

  • Rights related to automated decision making and profiling

  • Right to withdraw consent

To exercise these rights, please contact our DPO using the contact details provided above.

Data Security

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data,

  • Ability to ensure ongoing confidentiality, integrity, availability, and resilience of processing systems and services,

  • Ability to restore availability and access to personal data in a timely manner in the event of a physical or technical incident,

  • Process for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

Cookies and Similar Technologies

Our Application uses cookies and similar technologies for functionality and analytics purposes.

Children's Privacy

Our Application is not intended for use by children under the age of 18. We do not knowingly collect personal data from children under 18. If you become aware that a child has provided us with personal data, please contact us.

Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of any significant changes by posting the new privacy policy on this page and updating the "Valid from" date at the top of this policy. You are advised to review this privacy policy periodically for any changes.

Data Breach Notification

In the event of a personal data breach, we will notify you and any applicable regulator when we are legally required to do so.

Automated Decision-Making

We do not use automated decision-making or profiling in our Application.

Complaints

If you have a complaint about our use of your personal data, please contact our DPO in the first instance. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (https://www.imy.se/) or any other European Union supervisory authority.

Contact Us

If you have any questions about this privacy policy or our data practices, please contact us at:

Sention Health AB
Email: dpo@sention.health
Postal address: KIVRA 559425-1000, 106 31 Stockholm, Sweden
Visiting address: Nybrogatan 57B, 114 40 Stockholm, Sweden


© 2024 Sention Health