Privacy policy

1. Introduction

At Geras Solutions, we care about you as an individual and as a patient, and your privacy is our priority. In this privacy policy ("Privacy Policy"), we explain how we handle your personal data ("User") when you are in contact with us or use any of our services (the "Services").In the Privacy Policy, we describe who is the data controller for the processing of personal data that occurs when you use the Services. We also explain what personal data we process about you when you use the Services, why we do so, and what legal basis is used.We also describe who else may handle personal data about you in order to provide the Services. You will also be informed of your rights and how you can exercise them.

2. Who is the data controller for the processing of personal data?

2.1 Your healthcare provider is the data controller of the personal data processed in the Platform. Here, Geras Solutions, org.nr 559025-3828, Norrtullsgatan 6, 113 29 Stockholm, acts as a data processor for healthcare providers using the Services.

2.2Minnesmottagningen is the data controller for those individuals using the Services independently and without the involvement of another healthcare provider. Here, Geras Solutions acts as a data processor in the role of platform provider.

2.3 If you have any questions or comments about our processing of personal data, you are always very welcome to contact us at admin@gerassolutions.se.

2. How we use your personal data

2.1 In this section, we specify the categories of personal data that we may process, the purposes of the processing, and the legal basis for the processing.

2.2TechnicalData
We may process data about users' use of our website and app ("Technical Data"). Technical Data may include IP address, geographic location, browser type and version, operating system, origin of visits, duration of visits, page views and navigation paths on the website, as well as information about the time, frequency and patterns of your use of the Services. Such information may be collected through so-called cookies if you choose to accept cookies. The basis for processing and analyzing this type of data is the user's consent (Article 6(1)(a) of the GDPR) and the purpose is to enable a better and smoother user experience. Some processing operations are also carried out with the support of a contract (Article 6(1)(b) of the GDPR) through our Terms of Use.

2.3Account data
We may process users' account data ("account data"). Account data may include users' name, email address, age, gender and language. The user himself is the source of this information. Account Data may be processed for the purposes of managing your registration or termination of your user account, maintaining accurate information about you, assisting you with support requests, and providing the Services to you in accordance with our Terms of Use.The basis for processing your personal data is contract (Article 6(1)(b) of the GDPR).

2.4 Service Data
We may process users' personal data provided during the use of our Services, such as tools like the "quick test" on the website or the "cognitive test", "disease history" and "symptom questionnaire" in the app ("Service Data"). Service Data may include information about perceived symptoms, past conditions, or changes in health or behavior noticed by others.The source of Service Data is the user himself for the "quick test", "cognitive test" and "disease history". The source of data for the "symptom questionnaire" is relatives, whom the user invites to contribute their perspective in relation to this.We primarily process your Service Data in order to be able to carry out the care you have requested (Articles 6.1 c and 9.2 h of the GDPR) and according to the Patient Data Act. The processing is also based on your consent in certain cases (Article 6(1)(a) of the GDPR). The processing is carried out to facilitate the assessment of the user's cognitive abilities and status. Service Data is also processed to fulfill other obligations Minnesmottagningen has as a healthcare provider, such as record keeping and retaining documentation for a certain period of time.

2.5Providing support and communication when you use the ServicesGeras Solutions may communicate with you about your use of the Services, including to help you with questions and handle complaints. We may also contact you regarding your use of the Services. The processing is carried out to fulfill the contract between you and us (Article 6(1)(b) of the GDPR). If the support request is related to the care or processing of Service data, the processing is done on the basis of the healthcare provider's right to process personal data in the context of the administration of care (Article 9(2)(h) of the GDPR and the Patient Data Act).

 2.6Quality developmentand quality assurance of the ServicesGerasSolutions may process your personal data for the purpose of developing and improving the Services. Minnesmottagningen also processes your personal data as part of the quality improvement work that a healthcare provider is obliged to perform. Processing of personal data for this purpose is based on contract (Article 6(1)(b) and Article 6(1)(f) of the GDPR and the Patient Data Act).

2.7 To comply with legal obligationsIn addition to what is mentioned above, we may process all types of personal data mentioned above and disclose them if required to comply with obligations under laws, government decisions or judgments (Article 6(1)(c) of the GDPR).

3. Disclosure of your personal data to others

3.1Suppliers
In order to provide the Services to you, we use a number of external suppliers who may process your personal data. These suppliers will only process your personal data according to our instructions and based on a data processing agreement with us.

3.2Other healthcare providers
In cases where the User uses the Platform in contact with other healthcare providers, we may, with your consent, disclose personal data related to your health to them. This transfer is carried out by Geras Solutions as data processor. For further information on this processing, please refer to your healthcare provider's privacy policy.

4. Storage

4.1 Personal data we process, regardless of purpose, is stored for as long as necessary under the GDPR.

4.2 As a healthcare provider, Minnesmottagningen has an obligation to retain patient records for at least 10 years under the Patient Data Act.

4.3 If a processing is done with your consent, we will delete your personal data if you revoke your consent, to the extent possible.

5. Transfer to third countries

5.1 Personal data is primarily processed within the EU/EEA and health data is always stored within the EU/EEA. In limited cases, Geras Solutions may transfer your personal data to countries outside the EU/EEA. All such transfers are made in accordance with the GDPR.

6. security

6.1 We have put in place comprehensive security measures to ensure that your personal data is protected from unauthorized access. Should an incident occur that affects your personal data in a significant way, we will always contact you to inform you of what has happened, what measures we have taken and describe the consequences of the personal data incident.

7. your rights

7.1 In this section we have summarized the rights that you as a User have under the GDPR.

7.2 Your main rights under the GDPR are:

(a)The right to be informed: You have the right to obtain information about what personal data we process about you, for what purpose, and whether such personal data is transferred to third countries. You also have the right to be informed about which third parties have received your personal data in order for us to provide the Services to you.

(b)The right to withdraw consent: You may withdraw the consent you have given to Geras Solutions regarding the processing of personal data based on your consent.

(c)The right to rectification: You may request that we correct incorrect information about you.

(d)The right to be forgotten: You have the right to request that your personal data be deleted. It should be noted here that a healthcare provider has certain obligations regarding the retention of personal data linked to your medical record.

(e) The right to object to the processing of personal data.

(f)The right to data portability: You have the right to request that your personal data be transferred to another controller. This can be done by us providing you with your personal data in a commonly used electronic format so that it can be transferred to another party.

(g)The right to lodge a complaint with a supervisory authority:You have the right to lodge a complaint with the Swedish Data Protection Authority if you believe that our processing of personal data is incorrect and does not meet the requirements of the GDPR. On the Swedish Data Protection Authority's website (www.imy.se) you will find their contact details.

8. contact us

8.1 If you have any questions or wish to exercise any of your rights as described above, you are always very welcome to contact us via the contact details provided on our websites www.gerassolutions.com and www.minnesmottagningen.se or by sending an e-mail to admin@gerassolutions.com. If you wish to contact our Data Protection Officer, you can reach him at the above email address. You can also use the following contact details:
Geras Solutions, org.nr: 559025-3828, Karlavägen 18, 114 31 Stockholm.

9. changes

9.1 This Privacy Policy may be updated from time to time by posting a new version on our websites. If we make any material changes, we will inform you in advance and give you the opportunity to review them. If you do not agree to the changes, you cannot continue to use our Services.
This privacy policy was last updated on 2024-12-23

Geras Solutions AB
Karlavägen 18
114 31 Stockholm, Sweden
010-750 07 26

Terms of UsePrivacy PolicyCookie Policy
© Geras Solutions
By clicking "Accept", you consent to cookies being stored on your device to improve website navigation, analyse website usage and assist with our marketing efforts. See our privacy policy for more information.
denyaccept