EmotionSpace® PRIVACY NOTICE
Last Updated: MAY 2018
This Privacy Notice describes our practices in connection with the data collected through the EmotionSpace® App (the “App”).
The App is a service for metastatic breast cancer (mBC) patients (referred to as ‘primary user’ in the following text) and their supporters (such as relatives and friends of the primary user, in the following also referred to as ‘secondary users’), to be used in addition to the actual treatment of the disease. It is targeted to everyone with an mBC diagnosis, regardless of the nature of the treatment, as well as supporters of someone who was diagnosed with mBC.
All Users (mBC patients as well as their supporters) are required to create an account (consisting of user name and password) in order to use the App. You can activate your account through the verification link that will be sent to your email address. As a primary user, you can actively decide on who you’d like to support you and invite him or her via e-mail or text message. The secondary user needs to verify him or herself when downloading the app by entering a 6-digit code he or she will be provided with upon invitation by the primary user.
“Personal Data” is data that identifies you as an individual or relates to an identifiable individual. We collect Personal Data in various ways through the App, including through registrations, applications, in connection with your inquiries, and automatically when you use the App.
We may request Personal Data when you use the App (* indicates required information), including:
- Indication whether primary user or secondary user*
- Email address* and password*
- Primary user name / Secondary user name*
- Secondary user’s cell phone number for the Primary User to be able to invite him / her
- Primary user’s year of birth*
- The GPS location of primary and secondary user’s device
- Health data:
- mBC diagnosis (yes/no) *
- Year when the cancer first spread
- Month in the respective year the cancer first spread
- Number of treatment regimens received since mBC diagnosis
- Communication of primary user with secondary users about mBC diagnosis and treatment
- Primary user’s shared emotions in connection with mBC diagnosis and treatment
- Primary user’s relationship Status
- Primary user’s number of children
We may also collect Personal Data from other sources, i.e. secondary user’s cell phone number for the Primary User and reactions of secondary users to primary user’s shared emotions
When you are asked to provide Personal Data, you can decline. But if you choose not to provide Personal Data that is necessary (*) to provide requested services, we may not be able to provide you with those services.
If you provide or permit us to collect any Personal Data relating to another person, you are telling us that you have the authority to share that data and to permit us to use the data as described in this Privacy Notice.
HOW WE USE PERSONAL DATA
We use Personal Data in order to:
- Provide the App’s functionality and fulfill your requests when we have a contractual relationship, including:
- Provide the App’s functionality to you (includes processing of health data).
- To respond to your inquiries and fulfull your requests, such as to send you notifications and PIN or password resets.
- To send administrative information to you, such as information regarding the App and changes to our terms, conditions, and policies.
- Allow you to send messages to a secondary user (includes processing of health data).
- Operate our business to meet our legitimate interests in maintaining our business, including:
- To conduct data analysis and audits.
- To identify usage trends in the use of our Apps and analyze the effectiveness of our communications.
- To better understand connections between emotions and health-related data, and from this, to be able to develop further functions for the App if needed (includes processing of health data).
- To send you automatically-triggered emails and push messages which are sent to you depending upon your user behavior (such as by entering specific emotions or needs), based on pre-defined rules (includes processing of health data).
- Information about your location is collected for the purpose of showing you offers and events from patient organizations in your immediate vicinity.
- Information about your relationship status, number of children, as well as details of your medical history and treatment, can be evaluated in an anonymous and aggregated form to improve the app and adapt it to the needs of the users (includes processing of health data).
We use health data you provide for the purposes we disclose to you when we request such data within the App.
HOW WE DISCLOSE PERSONAL DATA
We disclose Personal Data, including health data, as follows:
- To our third-party service providers, to provide services such as data analysis, information technology and related infrastructure provision, customer service, email delivery, auditing and other services.
- Identify you to anyone to whom you might send a message through the App (secondary users).
We also use and disclose your Personal Data, including health data, as we believe to be necessary or appropriate:
- To comply with applicable law and our regulatory monitoring and reporting obligations (which may include laws outside your country of residence), to respond to requests from public and government authorities (which may include authorities outside your country of residence), to cooperate with law enforcement, or for other legal reasons.
- To enforce our terms and conditions.
- To protect our rights, privacy, safety or property, and/or that of our affiliates, you or others.
In addition, we may use, disclose or transfer Personal Data, including health data, to a third party in connection with any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
We may aggregate the Personal Data that you and other App users provide. Provided the aggregated data does not personally identify you or any other individual, we may use and disclose such aggregated data for any purpose.
DATA COLLECTED AUTOMATICALLY
We use tracking technologies to recognize you as you use or return to the App so that we can understand how the App is used, optimize user engagement with the App and customize and enhance your experience. We may also use the data collected to deliver personalized services to you. These technologies collect certain data automatically, such as:
- Data about your device, such as your screen resolution, operating system, device manufacturer and model, and language. We use this data to ensure that the App functions properly.
- Data about your use of the App, including content viewed, features used and the dates and times of your interactions with the App. We use this data to understand how users engage with the App and to customize and improve the App experience.
For this purpose, Google Analytics is being used in this app, a web and app analytics service provided by Google, Inc. (“Google”) which is embedded into the App to measure user interactions. We use this aggregated information for statistical analytics purposes only, which helps us to better understand and optimize general user engagement with the App.
Google Analytics uses a unique identifier, similar to tracking cookies on websites, to help the owner of a website or an app analyze how users use the service. The information generated about your use of the app, including your IP address, will be transmitted to and stored by Google on servers in the United States. We have activated IP anonymization, so Google will usually truncate/anonymize the last octet of the IP address for member states of the European Union as well as for other parties that are part of this agreement with the European Economic area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. On behalf of the app provider, Google will use this information for the purpose of evaluating your use of the app, compiling reports on website activity for app operators and providing other services relating to app activity and internet usage to the app provider. Google will not associate your IP address with any other data held by Google. You can disable the use of Google Analytics for analytics purposes in the app settings. Please refer to the menu “Profile” and the submenu “Settings” to switch off Google Analytics (by unticking the button ‘Analytics’) for this app on this device. Turning off this functionality will not affect the normal operation of the App.
Further information concerning the terms and conditions of use and data privacy can be found at http://www.google.com/analytics/terms/gb.html or at https://www.google.de/intl/en_uk/policies/. Please note that in this app Google Analytics code is supplemented by “anonymizeIP” to ensure an anonymized collection of IP addresses (so called IP-masking).
We collect the physical location of your device by using, for example, satellite, cell phone tower, GPS or WiFi signals. We use your device’s physical location to provide you with location-based services and content, e.g. by offering you support events which are close-by. You may be able to allow or deny such collection and/or use through your device settings or the App’s privacy controls.
- You may stop all collection of data by the App by uninstalling the App.
PLEASE NOTE: the deinstallation of the App does not delete your user account!
a) If you, either as a primary or secondary user, want your account to be deleted, you can actively do this in the settings of the App (choose ‘close account’ option). In this case, we fulfill the legal obligation of deleting your data by anonymizing them. Your account details will be erased. Data already aggregated via Google Analytics will remain in the aggregate.
b) Primary Users:
When primary users close their accounts, the accounts of the connected secondary users will remain active and can still be used by the secondary users (e.g. to support other patients). Emotions, Needs and any communications that primary users shared with secondary users are stored in the secondary users’ accounts and will remain there after the primary user closes her account. However, the primary user’s former user name will not appear anymore. If the connected secondary user closes his or her account as well, all the data are deleted and cannot be re-established.
When secondary users close their accounts, any reply on a shared emotion that they have sent is stored in the accounts of the primary users they supported and will remain there after the secondary users’ accounts are closed. If the connected primary user closes her account as well, all the data are deleted and can’t be re-established.
c) If you as a primary user or secondary user do not access the App for 11 months, the system will email you and inform you of the inactivity. If you do not subsequently access your account within 30 days from the date of the email, all of your personal data will be removed from our system, including your account details. Data already aggregated via Google Analytics will remain in the aggregate. The aspect described under b) above applies here as well.
As long as your account exists and is active, we will retain the information you provide for the period necessary to fulfill the purposes outlined in this Privacy Notice.
- You may stop the receipt of push notifications through your device settings.
- If you would like to request to review, correct, update, suppress, restrict or delete Personal Data that you have provided to us through the App, or if you would like to request to receive an electronic copy of such Personal Data for purposes of transmitting it to another company, you may contact us at Contact Us. We will respond to your request consistent with applicable law. You may also be able to update your profile through the App.
In your request, please tell us what Personal Data you would like to have changed, whether you would like to have it suppressed from our database, or otherwise let us know what limitations you would like to put on our use of it. For your protection, we may only implement requests with respect to the Personal Data associated with the email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable. Please note that we may need to retain certain Personal Data for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion.
You may have a right to lodge a complaint with a data protection authority competent for your habitual residence, place of work, or place of alleged infringement. Please click here for contact information for such authorities.
We seek to use reasonable organizational, technical and administrative measures to protect your Personal Data. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure.
If you choose to share reports or other messages generated by the App with others electronically, you are advised to first check the security features of your email or other applicable communications features on your device, as they do not operate within the App.
The data we collect through the App may be stored and processed in any country where we have facilities or in which we engage service providers, including in the United States and where our affiliates operate.
Some non-European Economic Area (“EEA”) countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as by ensuring that the recipient is bound by EU Standard Contractual Clauses, to protect your Personal Data. You may obtain a copy of these measures by contacting us as indicated in the Contact Us section below.
This Privacy Notice does not address, and we are not responsible for, the data collection, use, disclosure or security practices, or other practices, of any third party, including any third party operating a service to which the App links. The inclusion of a link within the App does not imply our endorsement of the linked service.
USE BY MINORS
The App is not directed to individuals under the age of sixteen (16), and we do not knowingly collect Personal Data from such individuals. If you are under the relevant age of consent in your jurisdiction, you will need your parent’s or legal guardian’s permission to use the App. Please consult with your parent or legal guardian before installing the App.
If you are providing us with Personal Data of individuals under the age of sixteen (16), you represent that you have the appropriate authority to do so and that you can demonstrate such authority to Pfizer upon request.
From time to time, we will update this Privacy Notice. Any changes will become effective when we post the revised Privacy Notice in the App. This Privacy Notice was last updated as of the “Last Updated” date shown above.
The company responsible for collection, use, and disclosure of your Personal Data under this Privacy Notice is
Pfizer Pharma GmbH
10785 Berlin, Germany
If you have questions about this Privacy Notice, or if you would like to request to exercise any individual rights, please contact us at [email protected], or write to the following address:
Pfizer Healthcare Ireland 9 Riverwalk, National Digital Park, Citywest Business Campus, Dublin 24
You may also contact our data protection officer responsible for your country or region, if applicable. To find their contact information, visit DPO.Pfizer.com.