When using our services, you entrust us with your most personal information. We understand this is a big responsibility and work hard to protect your information and put you in control.
This Privacy Policy is meant to help you understand what information we collect, why we collect it, and how you can update, manage, export, and delete your information
By using our website or our web platform, you agree to the collection, processing, and transfer of your data as described in this privacy policy.
Please visit this section regularly as the policy may be subject to change or update. Any significant changes to this policy will be notified.
In addition to this notice, please read our Terms and Conditions and our Cookie Policy.
We, ONCOCHAIN SOLUTIONS NL B.V. and ONCOCHAIN SOLUTIONS S.R.L., owners of oncochain.com website and the Oncochain Web application or Platform, (hereinafter referred to as Oncochain, we, us, our, the platform, or the website), are a Romanian startup that aims to improve the quality of medical care for oncologic patients by creating a framework to facilitate the provision of patient-centered health services.
Oncochain provides an innovative integrated web-based oncology EHR that also acts as a software platform that connects the patient with care providers, CROs, pharmaceutical companies and research centers.
Harvesting Blockchain technology and integrating AI Solutions, Oncochain Platform will be capable of providing: data-driven, personalized and effective oncological care, with measurable results at individual and populational levels.
Information about OncoChain:
ONCOCHAIN SOLUTIONS NL B.V.
Paasheuvelweg 25, Tower D5
1105 BP
Amsterdam Zuidoost
The Netherlands
Tel: +40 726 277 354
ONCOCHAIN SOLUTIONS S.R.L.
Virtutii 12
Timișoara, Timis
300126
Romania
Tel: +40 726 277 354
Accessing or using any part/function of our website, you agree to accept and comply with the terms, conditions and policies mentioned and/or available through hyperlink and you admit having the minimum legal age according to the applicable national law. If you do not accept the terms, conditions and policies set forth in this documentation, then you should not continue to access our website and/or use our services.
Generally, we collect data about you when you contact us by email, telephone, through forms or the chatbot of the website, when you visit our website or when you visit us at one of our offices. We will also collect data about you through your doctor, if you have given your consent.
Occasionally, when we are conducting a recruitment process, we may collect your data from specialized online platforms (eg LinkedIn) or from the information you send us through our contact form or by email (including your CV).
In addition, when you interact with us on social networks (i.e. likes, shares, comments, reviews, etc.), we will inevitably have access to your information, especially data that you have made public on your social media profile.
Please find below the purposes for which we process your data, the persons who have access to your data, and how we store it.
Oncochain is a data-driven platform that relies on oncology patients' data to become an important tool in the decision-making process regarding their treatment. But to achieve this we need a large volume of medical data.
The data collection is made only through the partner medical institutions, more precisely through the authorized medical staff and only on the basis of your explicit consent, which you can withdraw at any time.
Your data is safe! All your data will be encrypted and can only be accessed by doctors authorized by the medical institution of which you are a patient.
We will use all collected medical data to perform anonymized statistical analyzes, using state of the art technologies such as ML, Blockchain & QLDB.
Personal data
Identification and contact details: Last name, first name, phone number, email address, internal identification number (ID set by the clinic)
Historic data: clinical gender (male / female), date of birth, smoking status (current-smoker / former smoker / non-smoker), hereditary pathologies
Case details: type of cancer, diagnostic, comorbidities, clinical studies, analysis reports, monitoring reports, treatment plan
Lawfulness of processing
We process your data based on your explicit consent, in accordance with art. 9/2/a of Regulation (EU) 2016/679
Who can we share your data with?
All your data will be encrypted and can only be accessed by doctors authorized by the medical institution of which you are a patient.
Our data hosting, storage and backup service providers have access to encrypted data without being able to access it.
We will share anonymized statistical data with CROs, pharmaceutical companies and research centers, to help them study this disease and develop new, more effective and less intrusive treatment methods.
How long will we store your data?
We will store your personal data (including medical data) strictly for the time necessary to fulfill the purpose for which they were collected, or for the time required by the fulfilment of legal obligations, if applicable.
We have considered 60 months from the date of obtaining your consent as a storage period, in order to be able to analyze the evolution of the disease over time.
On completion of this term, we will offer you the opportunity to update your consent, in order to continue to benefit from the facilities offered by the Oncochain platform.
If your consent is not updated, your personal data will be deleted when the retention period expires.
Where is the data stored?
The data registered through our website will be stored on Amazon's servers, located in the European Union.
We will process the medical data of the medical staff authorized by the partner medical institution in order to generate the access credentials in the Oncochain platform.
Personal data
Identification and contact details: Last name, first name, phone number, email address, medical specialization, the department within the medical institution where he works
Technical data: IP address (internet protocol), login details, browser type and version, location and time zone settings, browser plug-ins and their versions, operating system, information on the use of the platform.
Lawfulness of processing
We process your data for the performance of a contract to which the data subject is party, in accordance with art. 6/1/b of Regulation (EU) 2016/679
Who can we share your data with?
IT service providers for our company (hosting and data storage), providers to whom we outsource certain technical support services for our web platform. We use Amazon Web Services (AWS) for cloud storage.
Regulatory and other state authorities, if required by legal or statutory provisions.
How long will we store your data?
We will store your personal data during the partnership between us and the medical institution you represent. At the end of the contract, all your data will be deleted.
Where is the data stored?
The data will be stored on Amazon's servers, located in the European Union.
We will process the information you provide to us in order to provide you with our technical support in the use of Oncochain platform.
Personal data
Identification and contact details: Last name, first name, phone number, email address, medical specialization, the department within the medical institution where he works
Technical data: IP address (internet protocol), login details, browser type and version, location and time zone settings, browser plug-ins and their versions, operating system, information on the use of the platform.
Lawfulness of processing
We process your data for the performance of a contract to which the data subject is party, in accordance with art. 6/1/b of Regulation (EU) 2016/679
We will process the data collected during the process of providing technical assistance in pursuit of our legitimate interest in improving the operation of the platform and in improving the user experience, in accordance with art. 6/1/f of Regulation (EU) 2016/679
Who can we share your data with?
IT service providers for our company (hosting and data storage), providers to whom we outsource certain technical support services for our web platform. We use Amazon Web Services (AWS) for cloud storage
Regulatory and other state authorities, if required by legal or statutory provisions.
How long will we store your data?
We will store information about your request for technical assistance for a period of 12 months from the time your request is resolved
Where is the data stored?
The data will be stored on Amazon's servers, located in the European Union.
When you access the Oncochain platform, we collect data about you through online identifiers (cookies and IP), stored in log files.
We use this information to be able to design our platform according to the needs of our users. We may also use your IP address to diagnose any malfunctions of our servers and to manage our platform, analyse trends, track visitor movements, and collect general demographic information that helps us identify user preferences.
You can find more information about cookies, as well as how to delete cookies and deactivate their tracking system by accessing the Cookie Policy available on our website.
Personal data
Internet Protocol (IP), computer general location, device (country level), website viewing history, timestamp, request/action
Lawfulness of processing
Who can we share your data with?
We will only disclose your personal data to the extent that this is strictly necessary to achieve our specified purpose.
How long will we store the data?
There are session cookies and persistent cookies. While the session cookies are deleted when the browser is closed, the persistent cookies may have a different lifetime, depending on the cookie’s purpose.
You may find more information about the lifetime of the cookies we use in our Cookies Policy.
Where is the data stored?
Data is stored on servers located in the EU or the United States.
Oncochain pays close attention to protect your data and applies appropriate technical and organizational measures to ensure the protection of personal data processed, appropriate to the risks and categories of data protected. In particular, we protect your data by limiting the access to authorized persons, respecting the applicable laws, as well as taking measures against data change, loss, damage or destruction.
Remember, however, that no data processing is guaranteed 100% secure!
If you suspect a breach of the confidentiality of your data, please contact us immediately at [email protected].
Important: After the data retention period ends, your data will be deleted. We will continue to use this data only after its irreversible anonymization, in case we believe it could help us improve the quality of our products or services.
Our platform may contain links to other websites that are not owned or controlled by us. Please note that we are not responsible for the privacy practices of other websites or third parties. We encourage you to be aware of this fact when you leave our website and to read the privacy policies of each website that may collect your personal data.
The content included on our website is shown for information purposes only and it is made available in good faith. If the published content or any other information falls under the copyright laws or related laws, please let us know at [email protected], in order to take legal action.
Oncochain assumes no responsibility and cannot be held liable for any damages caused by the improper use of the products/services contracted through this website.
We do not assume the liability for malfunctions, viruses, damage caused by system errors caused when accessing our online platform.
However, we will do our best to keep the information provided updated.
Oncochain will process the data of minor patients, under the age of 16, only based on the explicit consent of the holder of parental responsibility over the child, in accordance with art. 8 of Regulation (EU) 2016/679
Your personal information will be transferred to recipients established outside the European Economic Area, including the United States of America. We will ensure that all transfers take place in accordance with applicable data protection laws.
If the country in which we will transfer your data is outside of the EEA and has not been recognized as providing adequate protection by the European Commission, the transfer shall be made based on agreements using standard contractual clauses or other appropriate guarantees, under the applicable law. We will authorize the international transfer of data only to controllers/processors who offer adequate guarantees, provide opposing rights and effective remedies for the data subjects.
This means that we will take additional steps in order to ensure that your personal data is treated just as safely and securely as it would be within the EEA under the GDPR including:
As a data subject, you have specific legal rights with respect to the personal data we collect and process. OncoChain respects your rights and upholds your interests.
- You contest the correctness of personal data for the period in which we must verify its accuracy;
- The processing is illegal and you request the restriction of processing rather than deletion;
- We no longer need your personal data, but you request it to state, exercise, or defence a right; or
- You object to the processing while we verify that our legitimate reasons overtake your rights.
- data are no longer needed for purposes for which they were processed;
- you object to the further processing of personal data (see Right of Opposition below);
- personal data have been processed illegally;
- you withdraw your consent based on which the processing takes place
Unless the processing is necessary:
- to fulfil a legal obligation that requires us to process those data;
- according to the legal provisions regarding data retention;
- to state, exercise, or defence a right in court.
Time period: We will try to answer your request within 30 days. However, the period might be extended regarding the request's complexity.
Restricting access: In certain situations, we may not be able to grant you access to all or part of your personal data due to restrictions provided by law. If we refuse your request to access your data, we will inform you of the reason for the refusal.
Impossibility of identification: In some cases, we may not be able to identify personal data due to the lack of identification elements provided in the application you send us. In such cases, if you do not provide additional information to identify you, we will not be able to comply with your request and allow you to exercise your legal rights, as described in this section.
To exercise your legal rights, or should you wish any other additional information on how we use your data, please contact our Data Protection Officer, in writing at [email protected].
Last updated on 19th of January 2021