Privacy Policy for the Digital Service Dog – Reelieve app.

Under the General Data Protection Regulation (GDPR) and the Danish Data Protection Act, Reelieve is obligated to protect personal data processed about users, customers, suppliers, partners, and other natural persons.

Your data security is important to us, and we therefore place great emphasis on handling your personal data responsibly. Below you can read how Reelieve (hereinafter Reelieve, “we”, “us” or “our”) processes personal data about you. You can also read about the rights you have in connection with our processing.

REELIEVE’S ROLE AS DATA CONTROLLER AND DATA PROCESSOR

REELIEVE acts as data controller when we process personal data in connection with the treatments described below. In other words, we ourselves determine the purposes for which personal data is collected and processed, and we essentially determine the means for carrying out these processes.

If you have questions about our processing of your personal data, you can contact us:

Reelieve / Mental Assistant Denmark ApS
CVR no. 44 62 03 83

We can be contacted through our data protection contact person:
Name: Vicky Lorenzen
Phone: 93 10 11 11
Email: vbl@compliancelaw.dk

WHAT PERSONAL DATA WE COLLECT AND THE PURPOSE

We process personal data about you in a number of different situations. The personal data we collect and process is primarily collected from the registered individuals themselves.

Read more about our processing in the various situations below.

Use of the “Digital Service Dog”

When you use our app, “the Digital Service Dog”, we collect and process the personal data you provide us. This will typically include the following:

  • Profile: name, date of birth, email and password
  • Symptom data: answers to questionnaires (PCL-5, VAS), logbook, exercises
  • Smartwatch data: biomarkers (e.g. heart rate, HRV, temperature, movement)
  • Next of kin: contact details, if you choose to add a next of kin

The processing of this personal data is based on your explicit consent. You can always withdraw your consent by deleting your profile through the app.

The processing of ordinary data is based on Article 6(1)(a) of the GDPR, and sensitive personal data is processed based on Article 9(2)(a) of the GDPR.

You can always withdraw your consent or delete your profile. If you withdraw your consent, your personal data will be deleted or anonymised. We use the anonymised data for the further development and improvement of our service. Our legal basis for this is our legitimate interest in improving the app pursuant to Article 6(1)(f) of the GDPR.

Reelieve transfers your personal data to data processors, for example in connection with the hosting of our database. Our data processors process your personal data solely for our purposes and on our instructions. We enter into data processing agreements with our data processors to ensure that the necessary security is in place and to protect the data and comply with our data protection obligations.

TRANSFER OF PERSONAL DATA TO COUNTRIES OUTSIDE THE EU/EEA

In connection with our processing of your personal data, we may transfer the data to countries outside the EU/EEA.

Data protection legislation in these countries may be less stringent than in Denmark and the rest of the EU/EEA. In certain countries, however, the European Commission has established that the level of data protection is equivalent to the level of protection in the EU/EEA. If we transfer personal data to countries where this is not the case, the transfer of your personal data to these countries outside the EU/EEA will be based on the standard contractual clauses drawn up by the European Commission, specifically designed to ensure an adequate level of protection.

You can read more about the transfer of personal data to countries outside the EU/EEA on the European Commission’s website.

If you would like further information about our transfer of personal data to countries outside the EU/EEA, please do not hesitate to contact us.

DATA INTEGRITY AND SECURITY

We ensure the confidentiality, integrity and availability of the personal data we process through technical and organisational security measures.

Our technical security measures include the security of the IT systems we use in our business. Our organisational security measures include establishing guidelines and policies that our employees must follow. We monitor compliance with these and train our employees to an appropriate extent.

Our processing security for personal data also includes ensuring lawful processing, including compliance with the processing principles set out in data protection legislation, and ensuring that we have a legal basis for our processing activities.

YOUR RIGHTS

As a data subject, you have a number of rights under the General Data Protection Regulation. If you wish to exercise your rights, please contact us.

You may – unconditionally and at any time – withdraw any consent you have given. This can be done by sending us an email (see email above). Withdrawal of your consent will not have any negative impact. However, it may mean that we are unable to fulfil certain specific requests from you in the future. Withdrawal of your consent will not affect the lawfulness of processing based on consent before it is withdrawn. Furthermore, it will not affect any processing carried out on another lawful basis.

You may also – unconditionally and at any time – object to our processing when it is based on our legitimate interests.

Your rights also include the following:

Right of access: You have the right to access the personal data we process about you.

Right to rectification: You have the right to have inaccurate personal data about you corrected and incomplete personal data completed.

Right to erasure (the right to be forgotten): In certain cases, you have the right to have personal data about you erased before the time when we would ordinarily delete your personal data.

Right to restriction of processing: In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to restricted processing, we may in future only process the personal data – other than for storage purposes – with your consent, or for the purpose of establishing, exercising or defending legal claims, or to protect a person or important public interests.

Right to object: In certain cases, you have the right to object to our processing of your personal data, and always if the processing is for direct marketing purposes.

Right to data portability: In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have this personal data transferred from one data controller to another.

Right to lodge a complaint: You may at any time lodge a complaint with the Danish Data Protection Agency (Datatilsynet) regarding our processing of personal data. See more at www.datatilsynet.dk, where you can also find further information about your rights as a data subject.

UPDATES

From time to time it will be necessary for us to update this privacy policy. We regularly review our privacy policy to ensure that it is up to date, accurate and in accordance with applicable legislation and principles for the processing of personal data. We publish new versions on our website reelieve.com and in the App Store and Google Play.