Privacy policy

1. Introduction

At SkinVision we care about your privacy. We are fully committed to protecting and safeguarding the personal data you share with us when you use our service. In this Privacy Policy, we explain what kind of data we use, and how we use it. If you have any questions, do not hesitate to contact us via the contact details listed at the end of this Policy.

For further information about our use of cookies, we refer to our Cookie Policy.

We might amend this Privacy Policy from time to time. Visit this page regularly in order to understand what we do. If we make changes which are relevant to your consent and underlying information, we will always notify you before you use our service.

If you do not agree with our processing of personal data as described in this Privacy Policy, you cannot continue the use of our Services. If you agree with our Privacy Policy, we hereby welcome you to our service and you’re ready to start making assessments.

This is because we do require the minimum quantity of data we request in order to provide you with a safe and effective medical device.

Below you can find summaries of the information in this Privacy Policy

1.1 The persona data SkinVision collects

To be able to help you monitor the health of your skin, certain information is necessary for us to be able to provide you with our Services. You can sign up for our service in the App using your email address. We collect information about the device you use to access our App or Websites. The type of information we collect can, for example, include the type of your device, the software you use, location, device language and your IP address. In addition to this, we collect the data you provide in the App including the answers to the questionnaire regarding your skin profile and the pictures you take.

1.2. Why SkinVision collects your data

We use your data to assist you in the best possible way, and provide you with a safe and effective medical device. We need certain data in order to provide you with our full service and assist you with your health journey. We may also use your data for clinical and research purposes to improve our service. Furthermore, your information may be used for customer service, marketing, communications, and for legal purposes.

1.3 SkinVision through your health insurance company

When you access SkinVision Services through your health insurance company, we may process additional data.

1.4. SkinVision and third parties

SkinVision has third party service providers that help us provide or improve our service, this includes service providers, payment providers and financial institutions, business partners or research institutions.

1.5. SkinVision and social media

On our Website, we have share and like buttons to enable you to share our content with your network.

1.6. Privacy, data security, and data retention

SkinVision has implemented various measures and procedures to safeguard your personal data, as stipulated by European and Dutch data protection law. We will retain your data for 12 months after you unsubscribe from our service

1.7. Personal data of children

Our service can only be used when you have reached the age of eighteen (18) years or when you are older.

1.8. Your rights – access to your information

At any time you can make a request to review, correct, delete, obtain your data. You are also entitled to withdraw consent for the processing of the personal data we hold of you. You can do this by mail or email, using the addresses listed below. You also have the right to contact the Dutch Data Protection Authority when you have concerns about your rights. 

You can also request that SkinVision deletes your personal and health data. In that case, you can send your request via support@skinvision.com.

1.9. Scientific research consent

Handling your data safely and securely is a priority for SkinVision. We want to make sure you are fully aware of how we collect and process personal data to support our research purposes. Your data is used in order to improve the SkinVision Service.

Besides that, your data may be used for scientific purposes. The aim is to study the impact of the use of SkinVision on the secondary and tertiary health consumption, and/or the accuracy of the SkinVision Service. There is no risk to your privacy, as information security will be handled in accordance with GDPR regulation, and ISO 27001 standard. Please note that your insurance claim will not be affected by this study, as data will not be analysed on an individual level.

We retain the data that we process during a scientific research for the purpose of further research and/or improvement of the Services we provide unless provided otherwise.

1.10. Responsible party for the processing

SkinVision B.V., located in Amsterdam, The Netherlands, is the owner and operator of the service and is the controller of personal data processed via the Website and the App.

Please find the full explanation on how we process your data below.

2. The personal data SkinVision collects

2.1 Personal data you provide to us

 

The data you provide to us is collected and used (“processed”) by us to provide you with our best service. The minimum information you are asked for to provide us is your first and last name, date of birth and email address in order to access our service.

In our App, you can provide further information regarding your skin type and risk profile. We also process the pictures you take of your skin lesions and the way you store, organize and comment on them. Without your explicit consent, we are not allowed to store this type of information, and we cannot provide you with our service.

Other information we collect is your payment information and the information you provide to complete your personal profile: your first name and last name, profile picture, gender, date of birth, location, phone number, language.

When you use our Smart Check services and submit a picture of your skin lesion for analysis by our service, we store the photos and collect the information of your assessment. We do this to be able to assist you with your health journey. To provide the SkinVision Services, we need to be able to securely handle your health data. This means that we process your photo with our algorithms to look for irregular patterns commonly found in cancerous skin spots. We will store the photo on our servers so you can compare photos of lesions over time and monitor them for change. Furthermore, our in-house team of experts and dermatologists need permission to check the photos for the purposes of quality control. If our team detects any signs that need to be reviewed further, it will contact you and will advise you on the next steps to take.

We will ask for your explicit consent to allow us to store this type of information before you use such service, without your consent we cannot provide you with our service. By accepting this Privacy Policy, you consent to the processing of your health data.

As part of your health journey, we may send you follow-up emails regarding the provided advice and to assist you by reminding you to seek medical attention when necessary. If you wish to reply to these emails and get in touch with our Customer Support we will collect the information that you provide in these replies from you too.

When you use our App, we also collect data that identifies your mobile device and your use of the platform. The information we store includes notification access, device-specific settings and characteristics, system activity, location details, IP address, language settings, app crashes and other device event information, access data and times of your usage of the app.

We collect information when you give us feedback via your Apple App Store, Google Play Store or the questionnaire.

2.2 Personal information you provide us regarding the health of others

Our service is exclusively meant for your personal use. If you want to help others, please do so by encouraging them to download their own version of SkinVision. This will help them with their health journey and ensures that any health-related messages will be delivered to the right person.

2.3 Automatically collected personal data

During your visit to our Website or App, we automatically collect certain information about you, your visit of the service and the device you are using. This data includes data on the hardware, software, operating system, internet browser, IP address, language and application settings and version. We also collect data about when and how you used the service, including interaction with the elements on it and which pages you visited in the App or on the Website.

3. Why SkinVision collects your data

We use your data to assist you in the best possible way, your data may be used for the following reasons:

Health journey: The main reason why we collect your personal data is to supply you with our core service: assistance with your skin health journey and assist you with the early detection of irregular patterns on your skin, which can be a potential sign of the development of skin cancer.

Management and improvement of our Services: We use the data you provide us with to manage our Website, App, and business and to improve our services continuously.

Customer Service: Our customer service is here to help you and we use your data to do so. We may send you email notifications and/or in-App messages relating to the results of the analysis, this includes emails in which we provide you with information and ask you to provide us with information about possible follow-up actions.

Marketing: In order to keep you informed, we may send you communications relating to our business, by email or other contact details you provided to us. If you submit personal information for publication on our Website, we will use that information in accordance with the license you grant to us. Besides that SkinVision uses a marketing tool in order to support SkinVision with business insights into user behaviors. Please note that your health data is never being processed for marketing purposes.

Communications: We will send you communication regarding assessments you make via the App. If you opt-in for our mailing list, we may send you non-commercial communications, including our newsletter. When you use our services, we may send you a questionnaire or invite you to provide a review of your experiences with our service. We also may get in touch with you regarding feedback, inquiries, and complaints you made regarding our Website and App.

Research activities: In order to support the research on skin cancer and detection methods, we may use your data, pseudonymized (without a direct link to your identity) or anonymized (without us being able to identify you at all), for research purposes. This may include sharing your data with carefully selected third party research institutions. By uploading your images in the App, you explicitly consent to the images being processed for the purposes of the provision of the services and to be used anonymously for the purposes of research and testing of our services. As such, your images may be reviewed by our employees or third-party consultants who work for us and who are bound by strict confidentiality. For more detailed information on the scientific research consent, please see article 10 of this Privacy Policy

Legal purposes: In certain cases, we may need to use your information to handle and resolve legal disputes, for regulatory investigations and compliance, or to enforce the terms of use of the service as reasonably expected.

We collect and process your data based on the following legal grounds:

Contractual necessity: In order to fulfill the contract you enter into with us when you use our Services, we have to process some essential information. When you wish to use one of our paid services we may need to process your email address, pictures of skin lesions, risk assessment, payment information.

Legitimate interests: We are committed to improving and growing our service. Some of your data can help us to improve and promote our Service and Website, other data we may need for administrative, legal purposes or anti-fraud activities.

Legal obligations: We have to comply with certain laws and (country specific) regulations. In order to comply with these, we need information about your location and date of birth.

Consent: For certain promotional and marketing activities, we may ask additional consent. When you wish to withdraw your consent, please contact us via the contact details at the bottom of this Policy.

Explicit consent: Data regarding the health of your skin and risk assessments is a more sensitive category of data. In order to lawfully process this data for you, we will ask your explicit consent before we can assist you. When you wish to withdraw your consent, please contact us via the contact details at the bottom of this Policy. When you withdraw your consent, we will not be able to provide you with our Services and you should discontinue using our Services.

4. SkinVision through your health insurance company

 

When you access SkinVision Services through your health insurance company, we may process additional data. For example, we may ask you to fill in your personal identity number if we are required by local law to process this information before we can provide you the service.

5. SkinVision and third parties

For some specific reasons, SkinVision may share your personal data with carefully-selected third parties. These parties are Processors for your personal and health data. Please find an up-to-date list of the categories of our third parties here:

● Receiving feedback on how users appreciate our service is of vital importance. We use Satismeter to ask users to provide the Net Promotor Score (NPS) and leave their remarks. We therefore share the email address of our users.

● We use Branch.io in our service to allow deeplinking into our applications. This way we can provide a seamless user experience.

● Crashlytics is used for recording crash data and providing this back to our development team so that we can continue making our service better continuously.

● Our app uses Firebase for analytic and marketing purposes and to send you push messages.

● We use Leanplum as a marketing automation and customer support tool

● Sendgrid handles sending any service mails that we need to deliver as part of the SkinVision Service. We therefore share the email address of our users.

● Twilio handles sending any SMS text messages that we need to deliver as part of the SkinVision Service.

● We use Zendesk as our main customer support tool for handling emails.

● We use Adyen to process your payment information. Adyen may collect personal details such as your email, address and/or phone number to be able to process your payment. No health data is collected by Adyen.

● We use AWS to store our database within their systems.

● OpenWeatherMap API uses your location so we can provide you a personalized UV index.

● Vecozo matches data of users with their data within the databases of health insurers to check for completeness of declarations and matching details. Insurance policy check for insured dutch users.

● For scientific research purposes, we share data with Erasmus MC and TTP Zorg.

● We provide aggregated and anonymised data to your insurance company. 

SkinVision and social media SkinVision uses social media for various reasons. On our Website, we integrated social media like and share buttons (Facebook, Twitter, LinkedIn, Reddit), which allows you to share the content you like directly with your network. The social media plugins may process your personal data when you choose to share or like any content of our Website with your network. SkinVision does not control and is not responsible for the processing of personal data by these networks.

7. Data privacy, security, and data retention

 
7.1 Privacy

 

All data you provide to us and we collect from you is stored on secure cloud servers (the Servers) in the territory of the European Union, or stored by trusted third party service providers outside of the EU, which are held to similarly high standards. As a result, your personal information may be transferred to and stored at a destination outside your country. By submitting your personal information, you agree to the transfer of your personal information to the servers.

Personal information may also be processed by staff or by other third-party service providers operating outside your country who work for us. We take such steps as are necessary for the circumstances to ensure that any third party service providers treat your data securely and in accordance with applicable laws.

7.2 Data security

 

All data that you provide through the App and/or the Website is encrypted when it is transferred to or from the servers using industry-standard encryption (TLS). Furthermore, data is stored in encrypted form when at rest on the servers.

We store your account information and your digital images in separate data stores. The cloud server infrastructure is protected using firewalls and monitoring.

We work with appropriate procedures to prevent unauthorised access to and/or misuse of your personal data.

SkinVision uses appropriate procedures and business systems to safeguard your personal data. Furthermore, we use security procedures and technical and physical restrictions for accessing and using the personal data on our servers. Only authorized personnel can access your personal data.

7.3 Data retention

 

SkinVision will destroy or de-identify your personal information once it is no longer required for the purpose or purposes for which it was collected.

If you terminate the Services and delete your account, we will retain your personal information for a period of 12 months, after which we will delete your data. We will retain the images you have uploaded prior to termination in an anonymous form only, for the purposes of medical, clinical and commercial research, and for testing of the Services. We will ask for your consent to process your data anonymously for research purposes.

We will retain (electronic) documents containing personal information:

● to the extent that we are required to do so by law;

● if we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and

● in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).

8. Personal data of children

 

Our service can only be used when you have reached the age of eighteen (18) years or when you are older. When we identify personal information of children younger than eighteen (18) years old, we shall delete the data based on our legal obligations.

9. Your rights – access to your information

 

We will, upon your request, provide you with access to your personal information that is held by us. We will provide the data to you in a structured, understandable and machine readable way. We request that you provide us with appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport plus an original copy of a utility bill showing your current address). We will require you to make your personal identification number and picture invisible to us.

In your request for access, we also request that you identify, as clearly as possible, the type(s) of information you wish to have access to. We will comply with your request to provide access to your personal information within 30 days and if you agree, we may charge you our reasonable costs incurred in supplying you with access to this information.

At any time you can make a request to review, correct, delete, or obtain your data. You can also withdraw consent for the processing of the personal data we hold of you. You can make such request by mail or email, using the addresses listed below. You also have the right to contact the Data Protection Authority when you have concerns about your rights, or if you feel that we are unlawfully processing your data.

You may oppose the processing of personal information concerning you, even if they are relevant to the purpose of the collection.

You may instruct us at any time not to process your personal information for marketing purposes and we will provide you with an opportunity to opt-out of the use of your personal information for marketing purposes.

10. Scientific research consent

 

Handling your data safely and securely is a priority for SkinVision. We want to make sure you are fully aware of how we collect and process personal data to support our research purposes.

All the photos that are processed and stored on our servers are anonymized and used to help our technology become more accurate in detecting skin cancer, saving lives. If we find one of your photos to show a suspicious skin spot, we might reach out to ask for further information regarding the skin spot in the photo, i.e. access to an histopathology report. This information helps to further improve our service and it assists more people in detecting suspicious moles and other skin spots with increased accuracy.

Besides that, your data may be used for scientific purposes. The aim is to study the impact of the use of SkinVision on the secondary and tertiary health consumption, and/or the accuracy of the SkinVision Service. The analysis in the study will be performed by Erasmus MC Rotterdam, by combining health claim data from CZ with the risk outcome from SkinVision. There is no risk to your privacy, as information security will be handled in accordance with GDPR regulation, and ISO 27001 standard. Please note that your insurance claim will not be affected by this study, as data will not be analysed on an individual level.

Depending on the circumstances, you may obtain access to our app for the purposes of a scientific research study. By taking part in the research and using our app you consent to SkinVision processing your data for the purpose of research and improvement of the app.

The images shall be stored exclusively within SkinVision servers unless agreed otherwise with you, the user of the app.

Research institutions may only use our Services for research purposes following SkinVision’s written consent over the study protocol. Research institutions may use data collected via SkinVision Services only following SkinVision’s written consent.

11. Responsible party for the processing of your data

The Websites and the Application are owned and operated by SkinVision B.V., our principal place of business is at Kraanspoor 28, 1033 SE SkinVision – Privacy Policy Version 2.12 Amsterdam, The Netherlands. You can contact us by writing to the business address given above, by using our Website contact form or the feedback form in the App, or by sending an email to the Data Privacy Officer at regulatory@skinvision.com.