Privacy Policy

RADAR-CNS pRMT application 

Last updated: 2018-07-09

 

The Hyve built the RADAR-CNS pRMT App app as a Free app. This SERVICE is provided by The Hyve at no cost and is intended for use as is. The data collected by this app is sent directly to the RADAR-CNS platform hosted at King's College London (KCL) as part of the IMI RADAR-CNS project. Only use this app if you have signed consent in person to be part of studies conducted as part of the RADAR-CNS project. The Data Controller of the collected data is KCL.

 

This page informs you of the RADAR-CNS project policies regarding the collection, use and disclosure of Personal Information we receive from users of the RADAR-CNS passive Remote Monitoring Technology (pRMT) app published by The Hyve.

 

We use your Personal Information, as described below, only for medical research conducted by the partners of the RADAR-CNS project. Personal Information will not be shared with other parties without your consent. By using this app, you agree to the collection and use of the information given below for the purpose of medical research only. Anonymised data derived from Personal Information may be made publicly available, identifiable data will not.

 

Information Collection and Use

The app is able to collect personally identifiable information from your phone and connected devices. The data collected depends on which functionalities, the so-called plugins, are activated. In the next sections an overview is given of all available plugins and the information they collect. The version of the app determines which plugins are activated. Please check the app description to see which plugins are activated. The data that the app collects will remain within the EU.

 

The personal information collected will be retained by us and used as described in this privacy policy upto 10 years for identifiable contact data. Anonymised data may be preserved indefinitely.

 

The app does use third party services that may collect information used to identify you, and these may reside outside of the EU. Link to privacy policy of third party service providers used by the app:

By using the app statistics plugin listed below, this service may link use of our app with a Google account and phone characteristics.

 

By using the Empatica E4 plugin listed below, this service may link use of its SDK with an IP address, watch serial number and phone characteristics.

 

By using the OpenWeatherMap plugin listed below, this service may link the use of its API with an IP address and current location.

 

Data types per plugin

Phone sensors

  • Location of the phone as provided by GPS and/or the cellular network. Coordinates are collected as relative coordinates, making it nearly impossible to determine the absolute location of the phone. Android permissions needed: ACCESS_COARSE_LOCATION and ACCESS_FINE_LOCATION.
  • Call and sms log as provided by the Android system. The following data of calls/sms messages are collected: timestamp, length, type and the irreversibly encoded target phone number (as a sha256 hash). Android permissions needed: READ_SMS and READ_CALL_LOG.
  • Number of contacts in contact list, and number of added and removed contacts. Android permissions needed: READ_CONTACTS. Specific contacts are not stored, only the number of contacts.
  • Phone usage as provided by the Android system. The following usage information is collected: phone startup, shutdown, unlock events, application name, application launch time and application close time. Android permissions needed: PACKAGE_USAGE_STATS.
  • Other non-identifiable phone sensor data; acceleration, gyration, magnetic field, ambient light, battery level and number of bluetooth connections.

 

Application Status

General logging of the status of the application. The timezone, connection status, number of records sent and application uptime are logged.

 

Empatica E4 watch

The Empatica plugin allows collection of data from an Empatica E4 watch. A connection to the Empatica servers is made for authentication. No activity data from the E4 watch is sent to the Empatica servers. Please also see the privacy policy of Empatica.

The following data is collected from the E4 watch: 3D acceleration, skin temperature, blood volume pulse (detected with Photoplethysmography), inter-beat-interval derived from blood volume pulse, galvanic skin response (also known as electrodermal activity) and the watch battery level.

 

Pebble watch

The Pebble plugin allows collection of data from a Pebble watch. Data is collected on the watch and send, via the Pebble app and RADAR-CNS app, to the RADAR-CNS platform. Please also see the Pebble privacy policy.

The following data is collected from the Pebble watch: 3D acceleration, heart rate derived with Photoplethysmography and the watch battery level.

 

Biovotion device

The Biovotion plugin allows collection of data from a Biovotion device.

The following data is collected from the Biovotion device: 3D acceleration blood volume pulse (detected with Photoplethysmography), heart rate, heart rate variability, galvanic skin response, respiration rate, peripheral capillary oxygen saturation, skin temperature and watch battery level.

 

Audio phone plugin

The audio phone plugin allows collection of both raw audio data and features from audio. Explicit user consent is required to enable raw audio collection. Phone calls will not be recorded. Features collected include, but are not limited to mood, level of background noise and presence of voices.

 

Bittium Faros plugin

The Bittium Faros plugin allows collection of data from Bittium Faros 180/360 devices. These data include: acceleration, battery level, ECG, heart rate and temperature.

 

OpenWeatherMap plugin

Using the OpenWeatherMap API, the weather plugin collects data about the approximate weather local to the phone. It uses the location of the phone to query the data from OpenWeatherMap, but does not collect location itself.

 

Log Data

We want to inform you that whenever you use our Service, in case of an error in the app, we collect data and information (through third party products) on your phone called Log Data. This Log Data may include information such as your device Internet Protocol (“IP”) address, device name, operating system version, the configuration of the app when utilizing our Service, the time and date of your use of the Service, and other statistics. These data may be transferred outside of the EU.

 

Service Providers

We may employ third-party companies and individuals due to the following reasons:
  • To facilitate our Service;
  • To provide the Service on our behalf;
  • To perform Service-related services; or
  • To assist us in analyzing how our Service is used.

We want to inform users of this Service that these third parties have access to your Personal Information. The reason is to perform the tasks assigned to them on our behalf. However, they are obligated not to disclose or use the information for any other purpose.

 

Security

We value your trust in providing us your Personal Information, thus we are striving to use commercially acceptable means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure, and we cannot guarantee its absolute security. The collected data is kept in a separate data store than other personally identifiable information. Except for the audio data, the collected raw data cannot be used to identify a person except by linking it to another data store under the control of KCL. In case of a data breach, this decreases the likelihood of the collected data being linked to a person.

 

Links to Other Sites

This Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

 

Children’s Privacy

These Services do not address anyone under the age of 18. We do not knowingly collect personally identifiable information from children under 18. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do necessary actions.

 

Data subject rights

Data subjects, being users of the SERVICE, have the following rights:

  • submit a complaint to the Institutional Review Board of KCL at any time if they believe data are being processed wrongfully. Find their contact details on https://www.kcl.ac.uk/innovation/research/support/ethics/contact.aspx.
  • ask the data privacy officer to supply information about the processing operations that use your data.
  • inspect the information available on you personally and arrange for it to be changed or erased.

 

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately after they are posted on this page.

 

Contact Us

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us via email address info@thehyve.nl or phone number +31 30 700 97 13.

 

The data privacy officer assigned to this project by KCL is the Information Compliance office. Contact details:

 

Tel: +44(0)20 7848 7816

Email: info-compliance@kcl.ac.uk

Postal address

 

Information Compliance

Department of Business Assurance

King's College London

Room 5.20

James Clerk Maxwell Building

57 Waterloo Road

London SE1 8WA