User Privacy Policy
At Empatica, protecting User privacy is of utmost importance to us.
This User Privacy Policy (“Policy”) apply exclusively to User’s access to and use of any Empatica owned products and services made available for research purposes, collectively referred to as Empatica Health Monitoring Platform (“EHMP”). By visiting, accessing, or otherwise using any or all components of the EHMP, you confirm to have read, understood and agree to this Policy.
1. Definitions
- “User” includes persons who participate in a Research Study, either as a recipient of the investigational product under investigation or as a control and are directed by the Providers to use Empatica Products.
- “Research Study” refers to, without limitation, randomized controlled trials (RCTs), cohort studies, case-control studies experimental studies.
- “Provider” includes persons, firms or entities that are purchasers or end-users of services or products offered, provided, developed, designed, sold, or leased by Empatica during the relevant time periods.
- “Products” shall mean all product, including hardware and software products, planned, researched, developed, tested, manufactured, sold, licensed, leased, or otherwise distributed or put into use by Empatica or any of its Affiliates, together with all Services provided or planned by Empatica or any of its Affiliates.
- “Device” shall mean each and any of Empatica’s hardware products designed to collect physiological data through skin contact of the Users.
- “App” means a mobile application used in the Research Study designed to collect and transfer data from the Device worn by Users.
- “EHMP” Empatica Health Monitoring Platform provides a remote patient monitoring system utilizing Hardware and Software products that allow Providers to monitor User’s health data throughout the Research Study.
- “Personal Information” means information relating to an identified or identifiable individual (i.e., a natural person)
- “Subject Data” is a natural person about whom a Provider holds personal data and who can be identified, directly or indirectly, by reference to that personal data.
- "Services" means the Subscription Services, Could Services and Support Services that Provider purchased.
2. Introduction
This Policy is designed to help you to understand what kind of information Empatica collects in connection with our products and services and how such information is used and processed. EHMP products are exclusively sold to researchers belonging to not-for-profit research institutions (like hospitals and universities) and for-profit research institutions (like pharmaceutical companies) collectively referred to as “Providers”.
3. Kinds of User data collected
Empatica collects the following categories of User data:
- De-identified User Biomarker data. Empatica collects de-identified biometrical and health related data such as pulse rate, pulse rate variability, actigraphy or similar depending on the products and services Providers have purchased.
- Technical Information. Empatica also collects other technical information such as IP address, Device identifier, the dates and times of access to the App, the phone/device type, as well as the software version, operating system, Bluetooth® and WiFi settings (On/Off).
Empatica cannot and will not use the above defined User data to link to your Personal Information. 4. Use of User data
In connection with the EHMP services, Empatica will process and store User Data on HIPAA-compliant cloud infrastructure located in US, Virginia, where the Providers can view and access these. Empatica collects, stores and processes this User data to fulfill its contractual obligations to the Provider and to enable them to conduct and facilitate the Research Study; which in no way involves the sale of your data.
5. Information Security
Empatica’s primary responsibility under any agreement with Providers is the obligation to keep User Data safe and secure. To safeguard and secure any personal data or User data stored in our systems, Empatica has in place physical, electronic, and organizational procedures, including encryption, firewalls, access controls, and other procedures to protect data from loss, misuse, unauthorized access, disclosure, alteration, and destruction.
6. Data ownership
Empatica has no control or ownership of User Data and Empatica is not responsible for the control of a Provider’s handling of Personal Information. Each Provider has its own policies regarding the use and disclosure of personal information and data. Please direct any questions regarding User Data to the Provider collecting your information under the Research Study through the App.
7. Informed Consent
You are not permitted to participate in any Research Study unless and until you have signed an Informed Consent Form (ICF”) presented to you by the Provider agreeing to the collection and use of your information to be collected for the Research Study. By using the App you signify that you have read, understood and signed such an ICF.
8. Age restrictions
The EHMP is not intended for use by children under 18 years of age without the prior consent of a parent or legal guardian. By using any or all components of the EHMP, you represent and warrant that (a) you are 18 years of age or older and you agree to be bound by this Agreement; (b) if you are under 18 years of age, you have obtained verifiable consent from a parent or legal guardian; and (c) your use of the EHMP does not violate any applicable law or regulation. Your access to any or all components of the EHMP may be terminated without warning if Empatica believes, in its sole discretion, that you are under the age of 18 years and have not obtained verifiable consent from a parent or legal guardian. If you are a parent or legal guardian and you provide your consent to your child’s use of the EHMP, you agree to be bound by this Agreement in respect to your child’s use of the EHMP.
9. Data retention periods applying to the users' personal data
User Data will be stored for the period necessary to fulfill the purposes for which the data was collected as outlined in this Privacy Policy. In any case the following retention periods will apply to the processing of the User Data collected for Contractual Purposes and for Legitimate Interest Purposes is retained during the provision of the Services plus a period of 10 years after the termination or Provider’s withdrawal from the contract with Empatica, except when the retention of the data is necessary to respond or to file a legal actions, upon request of the competent authorities or in compliance with the applicable laws.
10. Updates to User Privacy Policy
Empatica reserves the right to change, modify, add or remove portions of this User Privacy Policy at any time, without prior notice. If you use the App following a change in this User Privacy Policy, your continued use will be understood to signal that you accept and agree to be bound by the changes.
11. User’s rights to User data
The Provider controls your information. In order to exercise your relevant rights, contact the Provider directly.
12. Data protection officer
The Data Protection Officer appointed by Empatica pursuant to Section 37 of the Privacy Regulation can be contacted at the following email address:
privacy@empatica.com.