Last updated: 2021-04-04
This policy may be supplemented by additional privacy terms or policies set forth on certain areas of the Service.
We collect personal information that you voluntarily provide to us when you register on the Services, and when using our Services, or otherwise when you contact us.
The personal information that we collect depends on the context of your interaction with us and the Services, the choices you make and the products and features you use. The personal information we collect may include the following:
Personal information provided by you:
Patient data provided by you:
We automatically collect certain information when you visit, use or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language prefere, referring URLs, device name, country, location, information about about how and when you use our Services and other technical information. This information is primarily needed to maintain the security and operation of our Services, for troubleshooting and for our internal analytics and reporting purposes.
We also collect information through cookies and similar technologies. A cookie is a text file that is stored on your computer or mobile device by a website’s server. Each cookie contains anonymised information about how you use our websites and applications, which allows us to improve your experience of using our products and services.
If you prefer, it is possible to disable cookies by modifying the settings in your browser. However, if you block certain cookies, you may not be able to register, login to the Services, access certain parts of the Services or make full use of the Services.
The information we collect includes:
Log and usage data: Log and usage data is service-related, diagnostic, usage and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type and settings and information about your activity in the Services (such as the date/time stamps associated with your usage, pages viewed, searches and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called “crash dumps”) and hardware settings).
Device data: Device data if information about your computer, phone, tablet or other device you use to access the Services. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model Internet service provider and/or mobile carrier, operating system and system configuration information.
If you use our App, we also collect the following information:
This information is primarily needed to maintain the security and operation of our App, for troubleshooting and for our internal analytics and reporting purposes.
We use personal information collected via our Services for a variety of purposes, described below.
We may use your personal information based on the lawful basis contractual relation for:
We may use your personal information based on the lawful basis legitimate interest for:
We may use your personal information based on the lawful basis consent for:
Braive, as the data controller, is responsible for the safety of your personal data with respect to confidentiality, integrity and availability, as per article 5 in EU’s General Data Protection Regulation (GDPR).
The data we collect and process is stored in a secure manner in accordance with GDPR. The Services have a Privacy by Design approach to system engineering which takes privacy into account throughout the entire engineering process.
We prevent unauthorized access, modification and unlawful destruction of information we possess. We employ industry standard techniques to protect against unauthorized access of data about you that we store, including personal information.
The processed information is stored on servers operated by Microsoft. A separate agreement between Microsoft, and Braive govern what information they have access to, and how it should be treated. Braive’s employees only come into contact with your personal information when necessary for safe operation of the service, and in cases where you want our staff to assist you in using the Service.
Employees of Braive, as data controller, and Microsoft, as a data processor, are subject to confidentiality.
You retain ownership of the personal information (“Your Content”) you upload, and we do not share Your Content to others than our collaborating data processor, and third parties involved in research projects. Your Content remains secure at all times, and is encrypted or de-identified before reaching our data processor and third parties involved.
For research purposes, we will share anonymized test scores with research partners. The extracted information comes from multiple answer questionnaires, that leaves no trace as to the identity of the responder (such as identification number or IP-address). For information about our research projects, and partners, go to About Us.
If you access the service content database or learning service (“subscription service”) through an institution-sponsored subscription or a corporation or other business entity, certain usage data gathered through the Subscription Service, such as the course you enrolled in, may be shared with your institution for the purposes of usage analysis, subscription management, course management and testing results, and for the purposes of cost attribution and departmental budgeting.
Your personal information could be transferred to our hosting partner, within the EU. By using the Services you consent to the transfer of information to countries outside of your country of residence, which may have different personal data protection rules than in your country. Braive will always ensure that privacy and security is maintained within the requirements of the EU General Data Protection Regulation.
It is voluntary to provide us with your personal data. Your consent may at any time be withdrawn. If you withdraw your consent to the processing of personal data when using the Service, you will not be able to access the content that requires login.
Some features in our Services (the so called Mental Health Check) include multiple choice questionnaires where solely automated processing is used to determine results and recommendations.
You have the right to request access to the personal information we collect from you, change that information, or delete it in some circumstances. To request, update, or delete your personal information, please contact us by email to [email protected]. We will respond to your request within 30 days.
The Services allow registered users to access their account information and make corrections or updates upon login at any time. When logged in you have access to all the personal information about you that may be held in the Service.
In some regions (like the European Economic Area), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information. To make such a request please use the contact details provided below.
If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
If you are a resident in the European Economic Area and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
If you are a resident in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html
If you want to withdraw your consent and delete your personal information, send an email to [email protected]. We will deactivate your profile and permanently delete all information about you from our servers, including backup server, within 30 business days. If you have been inactive for more than five years your user profile, along with all your personal information, will be automatically deleted. Once your personal information has been deleted, it cannot be restored again.
Our system will automatically delete data older than five years, even if you are an active user.
If after five years without using the Services, you wish to log on again, you must create a new user profile.
The use of your personal data is subject to the all time applicable laws regarding personal data, currently EU’s General Data Protection Regulation.
If you have any questions or comments about this policy, you may contact our Data Protection Officer (DPO) by email at [email protected], or by post to: Braive AS, Tollbugata 24, 5 floors 0157, Oslo, Norway
Cookies are small data files that are placed on your computer or mobile device when you visit a website. Cookies are widely used by website owners in order to make their websites work, or to work more efficiently, as well as to provide reporting information. It also helps maintain your choices when navigating on our website or returning to it at a later time.
Necessary: Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Analytics: Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics, such as the number of visitors, bounce rate, traffic source, etc.
Functional: Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedback, and other third-party features.
Performance: Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Advertisement: Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Other: Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.