- GENERAL DATA PROTECTION PRINCIPLES
- WHAT CATEGORIES OF DATA DO WE PROCESS
- HOW DO WE COLLECT YOUR PERSONAL DATA
- PURPOSES OF THE PROCESSING: WHY DO WE PROCESS YOUR PERSONAL DATA?
- LEGAL BASIS FOR THE PROCESSING OF YOUR PERSONAL DATA
- TO WHOM WE MAY DISCLOSE YOUR PERSONAL DATA?
- TRANSFER OF YOUR PERSONAL DATA OUTSIDE OF THE EEA
- HOW LONG DO WE STORE YOUR PERSONAL DATA?
- WHAT ARE YOUR RIGHTS AS DATA SUBJECT?
- HOW DO WE ENSURE THE SECURITY OF YOUR PERSONAL DATA?
Motech’s wearable devices sends data to provide the service which delivers features such as location monitoring, fall detection, activity analysis, alert button, boundary management and two-way voice enabled communication.
Motech’s web and mobile applications supports monitoring centre services, healthcare professionals and carers to manage the care and safety of the wearable device user via simple to use online dashboards, mobile apps and via 3rd party integrations.
Motech works with a wide range of service providers that deliver the service to the end user. In this framework, Motech processes personal data on behalf of the service provider to enable the delivery of their service.
If you have any other question or request in relation to the processing of your personal data, you may contact us at any time in writing at the address indicated above. You may also contact Motech’s Data Protection Officer at firstname.lastname@example.org.
Personal data means any information relating to an identified or identifiable natural person (the ‘data subject’).
Motech aims to ensure, at all time, that personal data is:
- processed lawfully, fairly and in a transparent manner (‘lawfulness, fairness and transparency’);
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (‘purpose limitation’);
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
- accurate and, where necessary, rectified or kept up to date (‘accuracy’);
- kept in a form which permits identification of the data subjects for no longer than is necessary for the purposes for which the personal data is processed (‘storage limitation’);
- processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
Processing of your personal data will only be performed for achieving specific legitimate purposes (see title 5 below, ‘Purposes of the processing: Why do we process your personal data’) and when justified on the basis of a valid legal ground (see title 6 below, ‘Legal Basis for the Processing of Your Personal Data’).
Motech processes personal data the following personal data:
- Account information – Account holders name and email address;
- Wearable Device Users Information – All personal information inputted by the account holder or service provider;
When providing our services or products to you, we may collect or receive your data via different channels:
- via the internet, including our website and web application. All personal data is inputted in Motech’s system by the user or by an authorised service provider;
We may receive your personal data directly from you, from your service provider, from a business partner or from publicly available information. Motech will only disclose or receive personal data from a third-party in compliance with the applicable data protection legislation. For more information in this respect, please refer to the title 7 “To whom may we disclose your personal data?”.
The collection and processing of the above-listed types of personal data is necessary for us to achieve specific legitimate purposes in the conduct of our business activities. In particular, we process your personal data for the following purposes:
- to provide you services and products;
Motech anonymises your data and process for the following purposes:
- to improve our services and products;
- for customer administration, for example to answer requests or questions from customers, customer satisfaction surveys, or manage complaints on a specific product or service;
- for administration and management of personnel and intermediaries;
- for management of commercial relationships with third parties;
- for administrative purposes within the Motech;
- for back-up or archiving purposes;
- to respect our legal obligations;
- for statistical research or market research;
- for combating fraud and other crime;
- for dispute management;
- to protect society, our industry sector or Motech;
- for account management;
Motech commits not to process or further process your personal data in a manner that is incompatible with the above mentioned purposes.
Motech commits to process your personal data lawfully, i.e. relying on one of the valid legal bases, as explained below.
Your personal data will primarily be processed when necessary for the performance of the contract concluded between you and us, or in order to take steps at your request prior to entering into a contract.
Your personal data might be processed based on your consent. In that case, we will always ensure to have received your free, specific, informed and unambiguous consent.
Your personal data might be processed based on the legitimate interests pursued by us for example, for administrative purposes, or for the purpose of research and development.
Your personal data might be processed because it is necessary for compliance with a legal obligation which we are subject to.
Your personal data might be processed because it is necessary in order to protect somebody’s vital interests (e.g. in case of accidents or incidents), or because necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
Please note that Motech may disclose your personal data to our agents, representatives or other intermediaries in order to achieve one of the above-mentioned purposes (see title 5 above, ‘Purposes of the processing: Why do we process your personal data’).
Other recipients of your personal data may also include our service providers or business partners, such as:
- IT service providers;
- marketing services providers;
- analytic consultants;
- data storage service provider;
- research and development organisations;
- professional advisers;
- if Motech purchase or sell a company or company assets, Motech may disclose your personal data to a potential buyer or seller of such company or company assets;
- if Motech or a substantial part of Motech assets is acquired by a third party, your personal data may be disclosed to that third party buyer;
In some specific circumstances, we may also disclose your personal data to government, public authorities, statutory or regulatory bodies and enforcement bodies, when compelled to do so.
Motech will only disclose your personal data to parties providing sufficient guarantees to ensure the protection of your data and the realisation of your rights as data subject (see title 10 below, ‘What are your rights as data subject?).
Motech always strive to process your personal data within the EEA. But, in order to achieve one of the above mentioned purposes, your personal data may have to be transferred to countries outside of the European Economic Area (EEA).
Motech will only transfer your data to a third-party located in countries outside of the EEA after a careful check and/or the signing of a specific agreement, in order to ensure that this third-party:
- provides appropriate safeguards regarding the level of protection of your personal data;
- properly informs the data subject hereof;
- ensures the enforceability of your rights as data subjects; and
- provides effective legal remedies to you.
You may always obtain a copy of the data transferred to these third-parties upon request to us.
Motech undertake to comply with the storage limitation principle. Motech will not store your personal data for longer than necessary for the performance of our contract and/or for achieving one of the other above-mentioned purposes (see title 5 above, ‘Purposes of the processing: Why do we process your personal data’). Please notice that Motech may also be legally obliged to store your personal data for a minimum time period to comply with statutory requirements.
We will perform regular governance checks to identify personal data which no longer serve any purpose in order to delete them or otherwise anonymize them.
You have right to control the way your personal information is used, Your rights as a data subject are listed below:
- The right to access:you may at any time request to access your personal data. Upon request, we will provide a copy of your personal data undergoing processing. For any further copies, we may charge a reasonable fee based on administrative costs. If you request a copy of your data by electronic means, and unless otherwise requested, we will provide you all relevant information in a commonly used electronic form.
- The right to rectification:you have the right to obtain from us, without undue delay, the rectification or completion of any inaccurate or incomplete personal data concerning you.
- The right to be forgotten:you may request us to delete (part of) your personal data in the following situations:
- when the processing was based on your consent and you have decided to withdraw that consent;
- when your data are no longer necessary for achieving the purposes for which they were collected or otherwise processed;
- when you objected to the processing of your data for direct marking purpose;
- when you objected to the processing of your data (see ‘right to objection’ below), and it appeared upon verification that your rights, freedoms or personal interests prevail over our legitimate interests;
- when your personal data have been unlawfully processed (e.g. because your consent was not validly obtained);
- when your personal data have to be erased in compliance with a legal obligation to which Motech is subject.
- The right to object: you may object at any time to the processing of (part of) your personal data when used for profiling or direct marketing purposes. You may also object to the processing of your personal data, when such processing is based on our legitimate interests. In that latter case, we will no longer process your personal data, unless we have compelling legitimate grounds to do so, or because such a processing is necessary in the establishment, exercise or defence of a legal claim.
- The right to restriction of processing: you may in any case request from us to restrict the processing of your personal data in the following situations:
- when contesting the accuracy of your data;
- when the processing appears to be unlawful;
- when we no longer need your personal data for the purposes of the processing; or
- pending verification whether our legitimate grounds override yours in the framework of an objection.
In case you exercise your right to restriction of processing, we will only be allowed to process your data with your consent, with the exception of storage.
- The right to data portability:upon request, you have in some cases the right to receive all your personal data in a structured, commonly used and machine-readable format, in order to transmit those data to another entity. Where technically feasible, you may also request from us to transfer your personal data directly to this other entity. Your right to portability may be denied to the extent that it has an adverse effect on the data protection rights of other individuals.
- The right to withdraw your consent:when processing is based on your consent, you remain free at all time to withdraw your consent.
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make to exercise your data protection rights.
If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
Note: Restriction/Removal of Information may result in limiting your access to Motech’s Services.
In case of issue in relation to your personal data or other privacy concern, you may also lodge a complaint with the Data Protection Commissioner.
Motech highly value the security of your data. Motech, take all the necessary administrative, technical and organisational measures to ensure the security and confidentiality of your personal data and to protect your personal data against unauthorised or accidental access, loss, misuse, disclosure, alteration or destruction.
Prior to disclosing your personal data to a third-party / data processor, we will always ensure that this third-party / data processor offers an adequate level of security.
To help analyse how you and other visitors navigate the Motech website and applications, compile aggregate statistics about site usage and response rates, help diagnose any problems with Motech’s servers and administer the Motech website, we, with assistance from third-party analytics service providers, collect certain information when you visit our site. This information includes IP address, geographic location of the device, browser type, browser language, date and time of your request, time(s) of your visit(s), page views and page elements (e.g., links) that you click. We use this information to provide better, more relevant content on our site, to identify and fix problems, and to improve your overall experience on our site.
If you do not want information collected through the use of these technologies, there is a simple procedure in most browsers that allows you to automatically decline many of these technologies, or to be given the choice of declining or accepting them.