ABOUT THIS PRIVACY STATEMENT
At N1X10, we take the protection of your personal data seriously. This privacy statement applies to processing of personal data by N1X10 cancer case management and mobile app (collectively “N1X10 services”).
The N1X10 empowers you to play an active role in the journey to fight cancer. We understand that data does not get much more personal than this, and the protection of your personal data is of paramount importance to us. Please take a moment to carefully review this statement.
WHY DOES N1X10 PROCESS YOUR PERSONAL DATA?
N1X10 collects and processes the personal data of Device & Application Users (“Users”) only for the following purposes:
To provide N1X10 services
We process personal data to provide N1X10 services and app features, such as to provide you with daily insights about your cancer journey including to-dos, and appointments.
To provide customer service
We process personal data for the purpose of providing customer service and managing our customer communication. If you contact our support with questions regarding your service or app data, we may use the provided information to answer your questions and for solving any issues you may have.
To develop our products and services
We process data regarding your use of the N1X10 service to improve our services and features, such as in the N1X10 mobile app. When possible, we will do this using only pseudonymized, aggregated, or non-personally identifiable data.
To market our products and services
To enable third party integrations
We process data to provide Users who request that we share their data with certain third parties, such as research partners. This is only done with your express consent.
To comply with statutory obligations
In certain cases, we must process certain data when it is required by applicable laws and regulations. Such statutory obligations are related, for example, to accounting and tax requirements, legal claims, or other legal purposes.
LEGAL BASIS FOR PROCESSING
Data protection law in Europe requires a “lawful basis” for collecting and retaining personal information from residents of the European Economic Area. Our lawful bases for processing your data depends on the particular processing purposes, including:
- Contract: when processing personal data for the purpose of providing N1X10 services we process it on the basis of a user contract, which is formed when you create your account and accept of our terms and conditions.
- Consent: we process your health-related data only with your consent. In some cases, you can provide your consent to us for processing your data through your actions, such as by inserting health data into your notes, or by adding health related tags in the N1X10 app.
- Legitimate Interest: we process your personal data based on our legitimate interests when we process it for the purposes of marketing our products and services, providing our customer service and improving our products and services. When choosing to use your data on the basis of our legitimate interests, we carefully weigh our own interests against your right to privacy, in compliance with applicable law.
- Legal obligation: N1X10 must process certain information to comply with statutory obligations which may vary in each country. For example, such obligations can relate to consumer protection or tax laws.
PROCESSED DATA AND DATA SOURCE
In most cases, N1X10 collects personal data directly from you, such as when you register for an account or upload your personal clinical data via the N1X10 mobile app. We may also process data that is produced from the information you provide to us.
N1X10 processes the following personal data categories about Users:
- Contact information such as email address or physical address.
- User information such as gender, height and weight, User ID, and other information you may provide to us about yourself or your account.
- Device information such as IP address and location data.
- User activity and context information such as activities, notes and tags.
- Clinical data such as cancer diagnosis, medications, diagnostic labs and genomic profiles.
- Measurement data such as heart rate, movement data, and temperature data.
- Reported symptoms such as mood, pain, cough and nausea.
Please note that some of the personal data we process, including any data concerning your health, is considered special or sensitive personal data. Under applicable law, such data is processed only if you have given your consent for processing. If you access or use any of N1X10’s location-based services, such as by enabling GPS-based activity tracking through your app, N1X10 may process the approximate or precise location of your device while the service is active. This data may be obtained via your device’s service provider network ID, GPS, and/or Wi-Fi data. N1X10 does not process such location data without first obtaining your consent. You may disable such location processing at any time using your device’s location permission settings.
DATA SHARING AND DISCLOSURES
Personal Data Sharing
N1X10 does not sell or rent your personal information, and only shares your personal data with certain trusted service providers so that we can provide you with our services and operate our business. Whenever we share data with third-party service providers, we require that they use your information only for the purposes we have authorized, and for the limited reasons explained in this Privacy Statement. We also require these service providers to protect your personal information to at least the same standards that we do.
Like most companies, N1X10 uses service providers for purposes such as:
- Providing and improving our online service platform;
- Storing our Users’ data;
- Providing customer services;
- Managing and organizing our marketing activities. (N1X10 only shares website usage data with our advertising network partners for the purposes of analyzing and optimizing our marketing. N1X10 does not share the N1X10 app data with 3rd party advertisers); and
- Analyzing information regarding the use of our online service to improve our service quality.
- We will be recording our conversations with you and making them available to you and to other professionals as necessary. To consent to the conversations being recorded, you will need to click and confirm you are agreeing to that recording.
N1X10 stores personal data primarily within the geographic region where it is collected. In cases where personal data is processed outside of the area in which it was collected, we always ensure your personal data is protected with appropriate safeguards in accordance with applicable privacy laws. We also use industry standard data protection measures to safeguard all international transfers of personal data through data protection agreements with our service providers.
Personal Data Disclosures
We also reserve the right to disclose personal information under certain specific circumstances, including:
- When we have your express consent to do so;
- When it is reasonably necessary for our legitimate interests in conducting our business, such as in the event of a merger, acquisition, or sale;
- To protect N1X10’s legal rights and property; and
- To comply with the law or law enforcement.
Otherwise, your personal information is never shared with any individual or other organization.
SAFEGUARDING YOUR DATA
N1X10 uses technical and organizational safeguards to keep your data safe and secure. Where appropriate, these safeguards include measures such as anonymization or pseudonymization of personal data, strict access control, and the use of encryption to protect the data we process.
We also ensure that our staff receives adequate training to ensure personal data is processed only in accordance with our internal policies, consistent with our obligations under applicable law. We also limit access to your sensitive personal data to personnel that have specifically been granted such access.
Online services that we provide, such as the N1X10 website and N1X10 mobile app, protect your personal data in-transit using encryption and other security measures. We also regularly test our service, systems, and other assets for possible security vulnerabilities.
We update the N1X10 mobile app regularly. We recommend that you make sure that you always have the latest app version installed in order to maximize protection of your data.
The retention period for your personal data generally depends on the duration of your N1X10 account lifecycle. Your personal data will be deleted when it is no longer needed for the purpose it was originally collected, unless we have a legal obligation to retain data for a longer period of time. For example, your data regarding your symptoms is stored only so long as your N1X10 account is active.
N1X10 also has legal obligations to retain certain personal data for a specific period of time, such as for tax purposes. These required retention periods may include, for example, accounting and tax requirements, legal claims, or for any other legal purposes. Please note that obligatory retention periods for personal data vary based on the relevant law.
If you wish, you may request deletion of your N1X10 account by contacting firstname.lastname@example.org
YOUR RIGHTS AS A DATA SUBJECT
Whenever N1X10 processes your data, you have certain rights that enable you to control how your personal data is being processed. This section provides you with information about each of those rights. If you wish to exercise your rights as a data subject, please contact email@example.com with your request to do so.
Right to access data
You have the right to know what personal data is processed about you. You may contact us to request access to the personal data we have collected about you, and we will confirm whether we are processing your data, and provide you with information about the personal data we have collected and processed about you.
Please note that by using the N1X10 mobile app, you can easily access the clinical data, reported symptoms and measurements data that we process about you.
Right to erasure
You have the right to request the deletion of your personal data in certain circumstances. We will comply with such requests unless we have a valid l
Right to rectification (of inaccurate data)
You have the right to request correction of any incorrect or incomplete personal data we have stored about you.
Please note that you can correct and update some of your basic information via the N1X10 mobile app.
Right to data portability
You have the right to request receipt of the personal data you have provided to us in a structured and commonly used format. The right to data portability only applies when we process your personal data for certain reasons, such as by contract or by your consent.
Right to object to processing
You have the right to object to the processing of your personal data under certain circumstances. In the event that we do not have legitimate grounds to continue processing such personal data, we will no longer process your personal data after we have received and verified your objection. You also have the right to object processing of your personal data for direct marketing purposes at any time.
Right to restrict processing
You have the right to request that we restrict processing of your personal data under certain circumstances. For example, if you contest the accuracy of your data, you can make a restriction request that we do not process your data until N1X10 has verified the accuracy of your data.
Right to withdraw consent
If we have requested your consent in order to process your personal data, you have the right to withdraw your consent for such processing at any time. It should be noted, however, that withdrawing your consent may lead to issues or restrictions on your ability to fully utilize N1X10 services.
Please note that you can always unsubscribe from receiving our newsletter and other marketing emails by using the ‘Unsubscribe’-link provided in the emails you receive from us.
N1X10 strives to address your privacy concerns. If you have contacted N1X10 about your issue and are still unhappy with our response, subject to applicable law, you may contact your local supervisory authority regarding your issue. However, we urge you to first contact us at firstname.lastname@example.org so that we can more quickly resolve your issue before escalating the issue.
Please read N1X10’s CCPA Privacy Notice if you are a resident of the state of California to read more about your rights under California law.
CCPA NOTICE FOR CALIFORNIA CONSUMERS
This notice supplements the information contained in this Privacy Statement of N1X10 and its subsidiaries (collectively “we”, “us” or “our”) and applies solely to all visitors, Users, and others who reside in the State of California (“customers” or “you”), and who access N1X10’s website or the services provided by N1X10. We adopt this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”), and any terms defined in the CCPA have the same meaning when used in this notice.
COLLECTION, USE AND SHARING OF INFORMATION
Where a customer interacts with N1X10’s products and/or services, N1X10 collects information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“Personal Information”). Personal Information does not include de-identified or aggregate information; publicly-available information that is lawfully made available from federal, state, or local government records; and information covered by certain sector-specific privacy laws.
Information about the categories of Personal Information we collect, the purposes for which your Personal Information is processed, and any sharing of your Personal Information can be found from relevant sections of this privacy statement above:
Sharing of personal data
In the preceding twelve (12) months, we have not sold Personal Information to third parties, including data aggregators.
Disclosure of Personal Information in the Preceding 12 Months
|Personal Information||Third Parties|
|Identifiers||We may disclose IP address, device ID, or online identifier to service providers, advertising networks, internet service providers, and/or data analytics providers. We may disclose name, email address, date of birth, phone number, and address if you provided it to us via form on the website or during an incomplete or failed registration to Service providers.|
|Commercial information||Service providers|
|Internet or other electronic network activity information||Service providers, advertising networks, internet service providers, and/or data analytics providers.|
CALIFORNIA CONSUMER RIGHTS
If you are a California resident, and in accordance with §999.308 of the CCPA Regulations, you have the right to:
- Request to know and access the Personal Information we collect, use, disclose, and sell;
- Request deletion of Personal Information;
- Opt-out of the sale of Personal Information; and
- Not receive discriminatory treatment by N1X10 for the exercise of the privacy rights conferred by the CCPA.
- Requests to Know and Access
You have the right to request that we disclose to you the following information:
a) Categories of Personal Information that N1X10 has collected about you, disclosed about you for a business purpose, or sold; Categories of sources from which the Personal Information is collected;
b) Categories of third parties with whom N1X10 shares or to whom N1X10 sells Personal Information;
c) The business or commercial purpose for collecting and selling Personal Information; and
d) Specific pieces of Personal Information that N1X10 has collected about you.
Instructions for submitting a verifiable request are provided below.
You may only make a request for access twice within a 12-month period.
- Requests to Delete
You have the right to request that we delete Personal Information about you that we have collected, subject to certain exceptions.
Instructions for submitting a verifiable request are provided below.
- Opt out of the Sale of Personal Information
You have the right to opt-out of the sale of your Personal Information.
N1X10 does not sell your Personal Information.
- Right to Nondiscrimination
You have the right to be free from discriminatory treatment for exercising the privacy rights conferred by the CCPA, including not being: denied goods or services; charged different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; provided a different level or quality of goods or services; or suggested that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
How to Exercise Your Rights
If you are a California resident, you can request disclosure, access to, and/or deletion of your personal as described above by submitting a verifiable consumer request to us by sending an e-mail to email@example.com, including the following information along with your request: your full name, company name (if applicable), address, e-mail address and a phone number. We may request that you provide additional information if necessary to confirm your identity. This is for security purposes, and is required by law in some cases.
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.
You have the right to make a free request up to two times in any 12-month period. We will respond to all validated requests within 45 days of receiving your request, unless we request an extension. In the event that we reasonably require an extension in order to respond to your request, we will notify you of any such extension within the initial 45-day period.
Address: Menachem Begin 11, Ramat Gan 6291917 Israel
Data Protection Officer: firstname.lastname@example.org
CHANGES TO THIS PRIVACY NOTICE
This Privacy Statement is effective as of December 30, 2021. We reserve the right to update this Policy from time to time at our sole discretion, but if we do, we will let you know about any material changes either by notifying you on the website or by sending you an email or push notification. If you keep using N1X10 services after a change, your continued use means that you accept any such changes.