Pursuant to Art. 8.1.1 of the Act of 18 July 2002 on Provision of Electronic Services (consolidated text: Journal of Laws of 2020, item 344, as amended) Higosense Sp. z o.o. with its registered office in Warsaw (00-351) at ul. Zajęcza 15 (hereinafter the “Service Provider”) establishes these regulations for the use of the Service Provider’s services provided electronically (hereinafter referred to as the “Regulations”).
The Service Provider shall make the Regulations available free of charge on the Website, on the Doctor’s Application upon the first use of the Application in a way that enables its download, reproduction and recording of its content, including, but not limited to, printing.
GLOSSARY OF TERMS
Whenever the following terms are used in the Regulations, they shall be understood to mean:
Website – Provider’s websites available to Users at the following addresses: www.higosense.com, www.higo.doctor, www.higomed.com
Application – HigoSense mobile application available for download from the official Google Play and App Store shops. The correct download and installation of the Application is necessary to use the Services.
Doctor’s Portal – a website integrated with the Application and intended for healthcare entities cooperating with the Service Provider and their employees and personnel authorised by the Service Provider. An element of the Doctor’s Portal is an administration panel allowing for management of the Accounts according to the rules specified in the Regulations.
Services – the services specified in item 3 of the Regulations provided electronically through the Application or the Doctor’s Portal.
User – an adult natural person having access to the functionalities of the Application intended for the performance of the Service or using the Doctor’s Portal. Access to the Doctors’ Portal is only available to entities that provide healthcare services or are employed by such entity.
Personal Data – the User’s personal data within the meaning of Article 4 of the GDPR, including contact details and health data.
Entity providing medical services – an entity conducting medical activity within the meaning of the Act of 15 April 2011 on medical activity (consolidated text: Journal of Laws of 2020, item 295, as amended).
GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).
Account – an individual and authorised User account in the Application or Doctor’s Portal.
Sub-account – a profile created in the Account by the User allowing the Personal Data to be assigned to specific persons. The exact number of Sub-accounts that may be created by a User depends on the specific provisions of the Subscription Model chosen by the User or the agreements between the User and the Service Provider or the terms of cooperation with a particular Health Services Provider. The Sub-account may relate to personal data of individuals other than the User. Sub-accounts are opened in accordance with the rules set forth in the Regulations. A PIN number may be established for a Sub-account.
Login – a sequence of characters specified for the purpose of logging into the Account individually assigned by the Service Provider or established by the User, or e-mail address
Password – an individual access password consisting of at least 8 characters being small and capital letters, digits and special characters, specified in order to log into the Account.
PIN – an individual password for access to a Sub-Account, which may be optionally set for the Account by the user of a given Sub-account.
TYPES AND SCOPE OF ELECTRONIC SERVICES
The Service Provider provides the Services through the Application and the Doctor’s Portal.
The Service Provider provides the following Services to the User through the Application:
Maintenance of an individual Account, including an Account with Sub-accounts;
Integration with medical devices offered by the Service Provider and display of medical data sent from them in a structured way in the Application;
Collection, storage and making available to Health Service Providers of medical data collected with the Service Provider’s medical devices. The collection and sharing of medical data is carried out by the User, another person or a medical professional.
The data is shared through the Application and the Doctor’s Portal;
Communication with medical professionals through the Application – Doctor’s Portal in the form of text messages.
The Individual Account referred to in item 3.2.1 of the Regulations is created by the Service Provider or the Entity performing medical services on the basis of the data provided by the User. This data includes the User’s first and last name, an identification number allowing to verify the User’s identity, telephone number, e-mail address, age and gender of the User.
To the extent that such an option is available in the Application, Users may set up an Account by themselves. In order to open an individual Account, as referred to in item 3.2.1 of these Regulations, the User shall undergo the registration process in accordance with the information presented in the Application after it has been installed and activated. As part of the registration process, the User provides his/her personal data indicated in the Application, at least first and last name, e-mail address. An activation hyperlink will be sent to the e-mail address provided during registration. Once you have used the link, your Account is activated.
The User may create a Sub-account in which Personal Data of other natural persons, e.g., children, spouse, parents, other family members of the User will be processed. The person whose personal data is processed under the Sub-account may create a PIN by following the instructions in the Application.
The User may create a Sub-account for persons for whom he/she is the legal representative. The User may also create a Sub-account for persons who have expressly authorised them to do so.
If the User uses medical devices offered by the Service Provider, in accordance with item 3.2.2 of the Regulations, the User may integrate them with the Application, which will ensure that data can be transferred from the medical devices to the Application. The rules of integration are specified in the instructions accompanying the medical devices. The data sent from the medical devices will be stored under the rules set forth in the Regulations by the Service Provider for the period of providing the Account service.
In addition to the data referred to in item 3.7 of the Regulations, the User may, in accordance with item 3.2.3 of the Regulations, enter additional data to the Application, including the attachment of additional documents. The User who uses the Service Provider’s medical device may make the data collected with the medical device and available in the Application available to medical professionals available on the Doctor’s Portal.
In accordance with item 3.2.5 of the Regulations, the User may use health services provided via the Application (communication with health professionals). Health services shall be provided in accordance with the rules laid down by the Entity carrying out the medical activity.
Communication with members of the medical profession may take place if, due to its nature and the individual situation of the User, this is not prevented by current medical knowledge, the requirements of due diligence or safety considerations.
If, while communicating with medical professionals, the User experiences a deterioration in health or new health problems arise that have not previously been observed or reported, the User should immediately inform the medical professional thereof and, if justified by the urgency of the health problem, call an ambulance.
The Service Provider shall provide the following Services to the Entity performing medical activities or to the User who is a medical professional as part of the Doctor’s Portal:
Provision of the Doctor’s Portal and maintenance of an individual Doctor’s Account;
The possibility of exchanging data and documents between the User and other Users acting as their patients.
Communication between the User and other Users acting as patients in the form of text messages.
The Individual Doctor’s Account, referred to in point 3.12.1 of the Regulations, is set up by the Service Provider or the Entity performing the medical activity on the basis of the data provided by the User: first name, last name, e-mail address.
To the extent that such an option is available in the Doctor’s Portal, Users may set up an Account by themselves. In order to open an individual Doctor’s Account, as referred to in item 3.12.1 of the Regulations, the User shall undergo the registration process in accordance with the information presented in the Doctor’s Portal. As part of the registration process, the User provides his/her first and last name, e-mail address. An activation hyperlink and a token for the first login will be sent to the e-mail address provided during registration. After using the link, entering the token and setting a new password, the Account is activated.
Pursuant to item 3.12.2 of the Regulations, a User who is a medical practitioner, who runs a health care provider or is employed by such a provider may, via the Doctor’s Portal, view medical data and documents made available to them by other Users. When viewing the data, the User may use additional tools made available in the Doctor’s Portal. The scope of data to which the User has access via his/her individual Doctor’s Account may be limited only to patient data of the specific health service Provider or to data specified by the health service Provider.
Pursuant to item 3.12.3 of the Regulations, a User who is a medical practitioner, who runs a health care provider or is employed by such a provider may, via the Doctor’s Portal, provide health services (communication with patients). Health services are provided according to the rules established by the User who is a medical professional or the Entity providing medical services.
CONDITIONS FOR THE PROVISION OF ELECTRONIC SERVICES
The Service Provider provides Services to the User to the extent and under the conditions specified in the Regulations.
The Service Provider shall exercise due diligence in providing the Service, in particular by ensuring continuous access to the Service with the exception of periods during which the Application is being upgraded, updated or maintained. The User will be notified of those periods within the Application subject to appropriate advance.
The Service Provider shall, in particular, ensure that the provision of the Services does not cause any interference with the provision of health services, inter alia in relation to ensuring, without undue delay, access to the data contained in medical records. However, the Service Provider does not guarantee the continuous operation and availability of the functionalities of the Services resulting from causes beyond its control.
It is prohibited for Users to publish, in connection with access to the Application, information and content that is unlawful, offensive, contrary to good morals, untrue or likely to mislead, and content that contains viruses or that may cause disruption or damage to computer systems.
Within the provision of the Services, the User’s personal data will be processed, including health data collected through the Application.
The User should immediately inform the Service Provider, by email to firstname.lastname@example.org, of any type of noticed security breach while using the Services.
The Services are not intended for Users:
who require hospitalisation – especially when the health professional who was previously present at the home visit was unable to help;
who are in immediate danger to life or health (e.g., the user is unconscious, not breathing, has a sudden allergic reaction, has suffered uncontrolled bleeding);
in other conditions requiring an immediate call for an ambulance.
In order to use the Service correctly, it is required that the User meets the following technical conditions:
use of a smartphone, tablet or other similar device with internet access;
with an operational system: Android, version 6.0 or higher, or iOS, version 13.0.0 or higher;
If the User uses hardware and software which do not meet the technical requirements described in the Regulations, the Service Provider shall not be liable for the quality of the Services provided or for failure to provide the Services.
In order to ensure the highest possible security of the provision of the Services and the transmission of personal data, the Service Provider shall take appropriate technological measures adequate to the potential risk, meeting the standards required by, among others, the GDPR.
CONDITIONS FOR CONCLUSION AND TERMINATION OF SERVICE CONTRACTS
Before using the Service, the User shall read the Regulations. The User confirms to have read the Regulations and agrees to be bound by the provisions of the Regulations by ticking the appropriate check-box in the Application.
The creation of an Account and the commencement of use of the Application shall be tantamount to the conclusion of an agreement for the provision of electronic services for the operation of the Account. The use of the Services covered by the contract for the provision of electronic services is free of charge.
Through the Account the User may use other services provided by entities other than the Service Provider, including Entities performing medical activities. The detailed principles for the provision of those services shall be laid down by another entity, including the Entity carrying out the medical activities. If an additional fee is required to use such a service, effective payment of the fee by the User may be necessary to begin using such service.
The User may resign from Account Service at any time, without any fees and without stating a reason. To do so, the User should send an e-mail to email@example.com. Resignation from the Service means termination of the contract for the provision of electronic services .
The User has the right to make enquiries, comments and complaints in relation to the use of the Services. Such enquiries, comments and complaints should be sent to the e-mail address firstname.lastname@example.org.
The message concerning such enquiry, remark and complaint should at least specify:
Data that allows for the unambiguous identification of the User, including first and last name and telephone number;
The subject of the enquiry, comment or complaint and the circumstances giving rise to it;
Enquiries, comments and complaints shall be dealt with as quickly as possible in electronic form, but no later than 20 working days after submission.
The Service Provider shall be liable on a general basis for the due diligence of the Services offered and provided.
The Service Provider is not responsible for the lack of access to the Service resulting from force majeure or other reasons not attributable to the Service Provider, e.g., low quality of the Internet connection on the part of the User.
The Service Provider shall not be liable for any incomplete, untrue or incorrect data provided by the User during the registration and setting up of the Account and during the use of the Services, including data provided within the framework of Sub-accounts set up within the Account. The above applies in particular to the provision of data of third parties without their knowledge or consent. The User shall be solely responsible for the consequences of providing incorrect, incomplete, untrue, misleading or otherwise incorrect data, including in particular medical data.
The Service Provider is not responsible for any damage caused to third parties as a result of the User’s use of the Services in a manner contrary to the Regulations or the law.
The Service Provider is not liable for any acts and omissions of third parties, except for those for which the Service Provider is liable under the law.
The Service Provider does not provide the Services constituting health services, nor shall it be liable for any medical diagnosis or medical advice given by a medical practitioner, an entity providing health services or employed by such a provider.
The User is solely responsible for the non-performance or improper performance of the Service resulting from the User’s failure to comply with the requirements and conditions set out in the Regulations.
PRINCIPLES APPLICABLE TO PERSONAL DATA PROCESSING
The Controller of the User’s personal data is the Service Provider, i.e., HigoSense Sp. z o.o. with its registered office in Warsaw, at ul. Zajęcza 15, 00-351 Warszawa, entered to the Register of Entrepreneurs maintained by the District Court for the Capital City of Warsaw in Warsaw, 12th Commercial Division of the National Court Register under KRS number: 0000685349, NIP: 5252716083 and REGON: 367769182. You can contact the controller as specified on the website www.higosense.com.
For greater security of personal data, the Service Provider has appointed a Data Protection Officer. To contact the Data Protection Officer, please send an email to email@example.com.
The Service Provider processes personal data for the purpose of providing the Services. This data includes basic identification and contact details and health data from medical devices and/or the App, submitted by the User or medical professionals. Personal data of persons for whom a Sub-account has been created may be transferred by the User.
The basis for the processing of personal data is the necessity for the conclusion and performance of the contract for the provision of electronic services (Article 6(1)(b) of the GDPR), and, with regard to data on health, the User’s consent expressed before using the Services.
The User has the right to withdraw their consent at any time. Consent withdrawal does not affect compliance of the processing of personal data with law that has been performed pursuant to the consent prior to its withdrawal. Withdrawal of consent may prevent further proper use of the Services.
The User’s personal data will be processed for the duration of the provision of the Services. Personal data may also be processed for the period necessary to fulfil a legal obligation incumbent on the Service Provider or the period necessary to establish, assert or defend claims.
The User’s personal data may be made available to entities providing technical support services for the processing of personal data. The transfer of personal data to other entities always takes place subject to all the legal bases required therefor.
The User’s personal data will not be used for automated decision-making, including profiling. If this were to change, the User will be informed in appropriate advance.
Personal data will not be transferred to third countries within the meaning of the GDPR. However, the Service Provider may also provide the Services in third countries, and in the event of use, Users’ personal data may be transferred to third countries. In such cases, the User Provider will transfer personal data only to countries providing an adequate level of protection or it will assure the appropriate safeguards required by applicable laws. Detailed information about the safeguards can be obtained by contacting the Data Protection Officer in accordance with item 9.2 of the Regulations.
The User has the right to request to provide access to, rectify or erase your personal data, restrict processing and object to processing, as well as the right to request data portability. You have the right to file complaints with the President of the Personal Data Protection Office in Warsaw.
The disclosure of personal data is necessary for the conclusion and correct performance of the Services under the contract for the provision of electronic services.
The User shall bear the costs arising from the use of telecommunications services, including means of electronic communication, necessary for the use of the Service.
The Application contains information protected by copyright, industrial property rights and intangible assets protected by intellectual property rights. None of the content, in particular text, photos, programs, graphics, trademarks, icons, logos, etc., presented in the Application may be reproduced or distributed in any form or by any means without the prior permission of the Service Provider. The User undertakes to use the content of the Application only within the scope of his/her own permitted use.
The Service Provider reserves the right to modify the Regulations. These Regulations may be amended in particular in the event of a change to the provisions of law in force, affecting the content of the Regulations, a change related to the scope or type of the Services provided, a change related to technical requirements or a change related to extending the functionality of the Application.
The Service Provider shall inform Users of any changes to the Regulations immediately by:
Publishing a notice of amendment to the Regulations in the Application;
sending a message about amendments to the Regulations by e-mail to the address indicated by the User during Account registration;
Continued use of the Service after receipt of the Communication referred to in Article 9(4) above shall mean acceptance of the new version of the Regulations by the User.
In matters not set forth in the Regulations, the applicable laws shall apply.