2.1 In this section, we clarify:the categories of personal data that we may process;the purposes of the processing, and the legal basis for the processing.
2.2TechnicalData
We may process data about Users' use of our website and app ("Technical Data"). Technical Data may include IP address, geographic location, browser type and version, operating system, visit origin, length of visit, page views and website navigation paths, and information about the time, frequency and pattern of your use of the Services. Such information may be collected through the use of cookies if you choose to accept cookies. See our Cookie Policy for more information on our use of cookies. The basis for the processing and analysis of this type of data is the user's consent (Article 6(1)(a) of the General Data Protection Regulation, "GDPR", and the purpose is for the user data to enable a better and smoother user experience. Some processing is also carried out on the basis of contract (Article 6(1)(b) GDPR), via our Terms of Use.
2.3Account Data
We may process users' account data ("Account Data"). Account Data may include users' name, email address, age, gender and language. The user is the source of this data. Account Data may be processed to process your registration or termination of your user account, maintain accurate information about you, assist you with support issues, and deliver the Services to you in accordance with our Terms of Use. The basis for processing your personal data is contract (Article 6.1. b GDPR).
2.4 Service Data
We may process users' personal data provided during the use of our Services, i.e. during sections such as "cognitive testing", "medical history" and "symptom survey" of the app ("Service Data"). This Service Data may include information about perceived symptoms, pre-existing conditions or changes in health or behaviour noted by others. The source of the Service Data is the user themselves for "cognitive testing" and "medical history". The source of the data for the "symptom survey" is the family member that the user invites to contribute their perspective related to this. We mainly process your Service Data in order to provide the care you have requested (Articles 6.1.c and 9.2 h GDPR) and in accordance with the Patient Data Act. Processing is also carried out on the basis of your consent in certain cases (Article 6(1)(a) GDPR). The processing is carried out to facilitate the assessment of the user's cognitive ability and status. The processing of Service Data is also carried out in order to comply with other obligations that Minnesmottagningen has as a healthcare provider, such as the obligation to keep a medical record and to keep the documentation for a certain period of time.
2.5Providing support and communicating with you regarding your use of the ServicesGeras Solutions may communicate with you regarding your use of the Services. This includes helping you to get answers to questions you have and investigating complaints. We may also contact you regarding your use of the Services. The current processing is carried out for the performance of the contract between you and us (Article 6(1)(b) GDPR). In case the support case is related to healthcare or processing of Service Data, the processing is carried out on the basis of the healthcare provider's right to process personal data in connection with the administration of healthcare (Article 9(2)(h) GDPR and the Patient Data Act).
2.6Quality developmentand quality assurance of the Services
Geras Solutions may process your personal data for the purpose of developing and improving the Services. Minnesmottagningen also processes your personal data as a healthcare provider as part of the quality enhancement work that a healthcare provider needs to carry out. Processing of personal data for the above purposes is carried out on the basis of a contract (Article 6(1)(b) GDPR and Article 6(1)(f) GDPR and the Patient Data Act)
2.7 To comply with legal obligations
In addition to the above, we may process all types of personal data as indicated above and transfer them if necessary to comply with obligations under laws, official decisions and judgments (Article 6(1)(c) GDPR).