Qinematic Services (the “Service”) is a cloud-based system for automated screening of posture, balance and movement control. The Service is provided by Qinematic AB, corporate registration no. 556890-1903, a limited liability company incorporated under the laws of Sweden, with its registered address at Högsätravägen 17, 181 58 (“Qinematic”, ”we” or “us”) and visiting address at Health Hub, Hälsingegatan 45, 113 31 Stockholm, Sweden.
The Service is offered to businesses and organisations that are interested in providing health services to their customers or their employees (in the following collectively “Health Service Providers”, each a “Health Service Provider”). Under the Swedish Personal Data Act (1998:204), which implements the EU Directive 95/46/EC, it is the entity deciding the purposes and the means of processing that is the personal data controller for the processing. When you use the Service, your Health Service Provider is the personal data controller for the processing of your Personal Data, and we are the personal data processor of your Health Service Provider, processing such data on behalf of and according to the instructions of said Health Service Provider. The Health Service Providers are responsible for complying with applicable data protection legislation.
Your privacy is important to us. This document contains a policy statement regarding the collection, use and processing of personal data by the Health Service Provider within the Service and your rights in relation to your personal data. It also contains information regarding our collection of and processing of certain anonymised data for research and analysis purposes.
With “Personal Data” we mean information that is directly or indirectly referable to a natural living person, e.g. name and address but also health information. When using the Service, Personal Data will be collected from you.
The following personal data is collected and processed by your Health Service Provider:
When you use the Service, certain information will be collected automatically, including information about your posture, balance and movement. We collect a ‘depth cloud’ of your body surface to make these calculations. You may see a colour image of yourself on the screen during a test, but we do NOT record colour photos or video of your performance.
Purposes of processing
Health Service Providers
It is the Health Service Provider that decides the purposes for the processing of your Personal Data and each Health Service Provider may choose to communicate other purposes with you, such as research purposes if your use of the Service is carried out in relation to a research project. Unless otherwise agreed between you and your Health Service Provider, the Health Service Provider will process the information set out above for the following purposes:
As provider of the Service, Qinematic collects and processes your Personal Data also for its own, limited purposes:
We will however anonymise the Personal Data to an extent that we will not have the possibility to identify you by use of the data in our possession. We will only store:
Security and sub-processors
Qinematic currently offers the Service via Microsoft Azure. You can find more information about the Services and security here, including information on location of servers, applied processes for removal of data etc. Microsoft is the sub-processor of your Personal Data, engaged by Qinematic materially to store the Personal Data processed in the Service in the Microsoft Azure cloud.
Transfer to third parties and to third country
Your Personal Data will not be transferred to third parties or to a country outside the EU/EEA without your consent.
Responding to legal requests and preventing harm
Your Health Service Provider may access, preserve and share your information in response to a legal request (like a search warrant or a court order), or when necessary to detect, prevent and address fraud and other illegal activity, to protect ourselves, you and other users, including as part of investigations, if the Health Service Provider has a good faith belief that the applicable law so requires.
Information that your Health Service Provider receives about you, may be accessed, preserved and retained for an extended period of time when it is the subject of a legal request or obligation, government investigation, or otherwise to prevent harm.
Some other things you need to know
Notice of changes
Your Privacy Rights under EU law
EU law permits residents of the Member States once per calendar year to request details about what personal information is stored with us, the source of the data and the identity of parties to whom the data has been provided, free of charge, without indicating any reasons. Such a request shall be put to your Health Service Provider, being the personal data controller of your Personal Data.
You can object to the use of your personal data at any time and revoke the consent to use your data that you provided upon your registration. In addition, you can request rectification, erasure or blocking at any time of any personal data that is inaccurate.
To exercise the aforementioned rights, or if you have any questions about our sharing practices, your rights under EU or applicable law, or wish to have your personal information removed, please contact your Health Service Provider. The identity of your Health Service Provider and contact information may be found onscreen at the site where you perform your test, and on any PDF reports generated by a Health Service Provider.