For business
Symptomate is an advanced system for preliminary medical diagnosis, also available as a business solution.
Learn more
Apps

Mobile apps

Get the iOS app Get the Android app
English
Start checkup
Apps

Mobile apps

Get the iOS app Get the Android app
For business
Symptomate is an advanced system for preliminary medical diagnosis, also available as a business solution.
Learn more
English

Privacy Policy

Last update: November 26, 2020
Contents
Who we are
Why we collect and process data
What data we collect and process
Health information
How long we process your data
What we can do with your data
Your rights concerning data
Security
Cookies
Social media plug-ins, online marketing services and services rendered by third parties
Amendments
Contact
Who we are
Welcome to the website of Infermedica Sp. z o.o. with its registered office in Wrocław, Plac Solny 14/3, 50-062 Wrocław, Poland ("Infermedica", “we”, “us”, “our”). Infermedica is a Polish company entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for Wrocław-Fabryczna in Wrocław, VI Commercial Division of the National Court Register, under KRS number: 0000429183, with tax identification number (NIP): 8971782877, and registered business number (REGON): 021889810.
Infermedica owns the website under the domain www.symptomate.com (the “Website”). Through the Website, as well as through a mobile application available in certain application markets for different mobile devices (the “App”), we provide services (the “Service”) described explicitly and comprehensively in the “Symptomate.com” Terms of Service available at https://symptomate.com/terms-of-service or in mobile apps. Infermedica acts as the controller of any personal data collected and processed in connection with use of the Website and the App.
All our activities connected with the Website or the App comply with the applicable data protection legislation, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (GDPR).
The main goal of this privacy policy is to inform you how and for what purpose we process personal data in connection with your visit to, and use of the Website and the App.
Why we collect and process data
We collect and process your data to ensure and improve the functioning of the Website and the App. We collect and process your personal data, i.e. information that identifies, or at least makes it possible to identify, you as a natural person when you voluntarily decide to actively communicate with us or decide to leave us your feedback regarding our Service. What is more, we collect and process certain technical data generated due to you visiting the Website or using the App, which may also be considered personal data. ‘Processing’ means any operation which is performed on personal data, such as collection, recording, organization, structuring, storage, adaptation, retrieval, any kind of disclosure, erasure or destruction, or other use.
In a situation when you are using the Website and the App on your own behalf, but in aid of a third party, remember to obtain appropriate authorization prior to providing this data.
What data we collect and process
We collect several different types of information for various purposes connected with providing and improving our Service. The types of information that we collect and process depend on the types of services we provide via the Website and the App. We collect and process your personal data:
  • when you contact us,
  • when you decide to leave us your feedback,
  • when you browse the Website or use the App.
Het verstrekken van uw persoonlijke gegevens is vrijwillig, maar zonder deze gegevens kunnen wij niet realiseren wat u van ons verwacht, zo kunnen wij bijvoorbeeld geen contact met u opnemen.
  1. Contact:

    When you ask us to contact you, we will collect and process the following personal data:

    • e-mail address,
    • name and surname, if you provided them voluntarily.
    Where your personal data are collected and processed for contact purposes, the legal basis is in particular:
    1. the purpose of contacting you – the basis is your voluntary consent (legal basis under Article 6(1)(a) of the GDPR);
    2. the purpose of establishing, asserting, or defending ourselves against claims related to contact matters or the processing of your personal data – since the processing is necessary for us to pursue a legitimate interest (Article 6(1)(f) of the GDPR), namely being able to establish, assert or defend ourselves against claims.
  2. Feedback:

    If you decide to provide us with feedback on the quality of our Services, we may process only the data that you decide to provide us with. However, provision of personal data that enables identifying you is not required for providing feedback. You can provide us with your contact data in order to enable us to respond to your feedback.

    In this case, your personal data are collected and processed for feedback purposes and the legal basis is in particular:

    1. your voluntary consent (legal basis under Article 6(1)(a) of the GDPR);
    2. the purpose of establishing, asserting, or defending ourselves against claims related to contact matters or the processing of your personal data – since the processing is necessary for us to pursue a legitimate interest (Article 6(1)(f) of the GDPR), namely being able to establish, assert or defend ourselves against claims.
  3. Security:

    When you browse our Website and use the Services, we collect and process your IP address - which may be considered a piece of personal data - for security purposes only. We do not process your IP address in order to identify you as a natural person, but only to increase the level of security of the Website and the App in order to be able to react - for example - to the activity of automatic mechanisms.

    In such a case, your personal data is collected and processed for the purposes related to ensuring security of functioning of the Website and the App, and the legal grounds for processing are as follows:

    1. in order to ensure provision of our Services, to ensure security of their provision, and to improve the functioning of the Website and the App, as well as to balance the load between the Website and the App - the legal grounds is our legitimate interest (legal grounds under Article 6(1)(f) of GDPR).
  4. Marketing:

    Additionally, we take advantage of marketing services in order to analyse your behavior for the purposes of optimizing the functioning of the Website and the App, as well as for the purposes of optimizing our advertising activities. In particular, we take advantage of technologies such as Facebook Pixel, Google Analytics, FullStory, and Amplitude.

    In such a case the data is collected and processed for marketing purposes, and the legal grounds for processing are as follows:

    1. for the purposes of analyzing your behavior in order to optimize the Website and the App, and for the purposes of our marketing activities - the legal grounds is our legitimate interest (legal grounds under Article 6(1)(f) of GDPR).
  5. Medical history:

    When you are using Services through the Website and the App, we collect certain information regarding health condition, as well as other information that may be helpful for correct provision of Services, e.g. regarding sex, age, individual risk factor, region of residence, or everyday behavior.

    Such information regarding health is not combined with information that makes it possible for us to identify the person regarded by the medical history. Such information is combined with a unique identifier in order to obtain insight into statistical data allowing us to improve our Services. In view of the fact that we may potentially combine the IP address with the medical history for a period of 30 days, this data may be of personal nature during that period.

    In such a case, data is collected and processed for the purposes related to provision of the medical history service, and the legal grounds for processing are as follows:

    1. Your voluntary consent and intent to take advantage of the solutions provided (legal grounds under Article 9(2)(a) of GDPR);
Health information
When you use our Service through our Website or our Apps, we collect certain health-related information about you, as well as other information which may be helpful for us to correctly provide you with our Service, such as your gender, age, individual risk factors, the region in which you live, or your daily habits.
Such health information is not connected to any of your personal information and is fully anonymous. We link this information with the anonymized unique identifier to gain insights into statistical data that help us improve our Service.
We may use your information solely to enhance and improve your experience of our Service.
How long we process your data
We will retain and use your personal data only for as long as we need them to fulfil the purpose for which we have collected and processed them or as long as required and/or possible due to retention requirements specified in the provisions of law.
When it comes to requests for contact, we will process your data:
  1. to contact you - until the purpose of contact is achieved or until consent is withdrawn, in any case for no more than three years from the last action performed;
  2. to establish, assert or defend ourselves against claims – until such claims become time-barred.
When you leave feedback on our Services together with your contact data, we will process such data:
  1. until consent is withdrawn, in any case for no more than three years from the last action performed;
  2. to establish, assert or defend ourselves against claims – until such claims become time-barred.
When it comes to security matters, we will process your data:
  1. to provide our Services and to ensure their security, to improve the functioning of the Website and the App, and to balance the load between the Website and the App - for not longer than 30 days after the date of its collection.
When it comes to online marketing matters, we will process your data:
  1. to analyze your behavior in order to optimize the functioning of the Website and the App, and for marketing purposes - for as long as the services are provided, until an objection is submitted or until a change is made to the settings of your browser or in your Facebook or Google profile.
When it comes to the medical history purposes, we will process your data:
  1. for not longer than 30 days after the date of its collection - after that period the data is anonymized in relation to removal of data necessary for security purposes.
What we can do with your data
We work with some third parties and they may have access to some of the information about you that we collect and process. The recipients of your personal data may include:
  1. entities authorized by law on the basis of a proper request (courts, state authorities);
  2. entities providing accounting, IT, marketing, communication, analytical and legal services, including HubSpot, Google, Facebook, FullStory, Amplitude;
  3. subcontractors with whom we cooperate.
Your information, including personal data, may also be transferred to — and maintained on — computers located outside of the European Economic Area, where the data protection laws may differ from the GDPR.
If we provide the personal data beyond the European Economic Area, and in particular to any third countries, such provision will take place on the basis of appropriate legal mechanisms, such as Executive Decisions of the Commission (EU), standard contractual clauses applicable, or other similar legal instruments specified in the content of GDPR.
To ensure that you have adequate control over your personal data transferred outside the European Economic Area, you will have the right to obtain a copy of your personal data transferred to third countries at any time.
Your rights concerning data
You have the following rights under the GDPR:
  1. the right to request access to your data and to receive a copy of your data: whenever possible, you can access, update or request deletion of your personal data;
  2. the right to rectify (correct) your data: you have the right to have your information rectified if that information is inaccurate or incomplete;
  3. he right to erasure: you have a right to erasure regarding data that are no longer required for the original purposes or that are processed unlawfully;
  4. the right to data portability: you have the right to be provided with a copy of the information we have regarding you in a structured, machine-readable and commonly used format;
  5. the right to object: you have the right to object to our processing of your personal data – upon your justified objection we will cease any further processing under Article 6(1)(f) of the GDPR;
  6. the right to withdraw consent: you also have the right to withdraw your consent at any time where we relied on your voluntary consent to process your personal information;
  7. the right to lodge a complaint with the competent supervisory authority - about our collection and use of your personal data.
In order to exercise your rights described above, you may send appropriate requests to the following e-mail address: support@infermedica.com, dpo@infermedica.com, send them to our correspondence address given above, or submit them in person at our registered office. Bear in mind that prior to responding to your request regarding exercising your rights we may ask you for a proof of your identity. If you want to withdraw your consent to data processing, you can also click on the hyperlink entitled "unsubscribe" in the content of the e-mail correspondence. Withdrawal of your consent to data processing has no impact on legality of data processing that had taken place under the consent granted prior to the effective withdrawal thereof.
Security
The security of your data is a very important issue for us. We strive to conscientiously and perpetually protect your personal data from loss, destruction, distortion/falsification, manipulation and unauthorized access or unauthorized disclosure through appropriate technical and organizational measures adopted at our company.
However, please always keep in mind that no method of transmission over the Internet or method of electronic storage is 100% secure. Due to the inherent nature of the Internet, we cannot guarantee that during transmission over the Internet or while stored on our system or otherwise in our care, information will be safe from any intrusion by third parties, such as hackers.
Cookies
We use cookies to track your activity on our Website and in the App, and we hold certain information obtained from such tracking.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from our Website and the App and stored on your device. They are used to collect and track information and to improve and analyze our services rendered through our Website and the App.
Detailed information can be found in our Cookies Policy.
Social media plug-ins, online marketing services and services rendered by third parties
  1. Online marketing services:

    Based on legitimate interest, being the analysis, optimization and economic operation of our activities, as well as analysis of your behavior in order to optimize our Website and advertising, we use the following online marketing services:

    Facebook Pixel:

    On our Website, we use a marketing tool available through and provided by Facebook Inc., 1601 S. California Ave. Palo Alto, CA 94304, USA, which is the Facebook Pixel. The Facebook Pixel is a source code fragment added to our Website.

    This tool makes it possible to track your behavior and activity when you are redirected to our Website having seen or clicked on a Facebook ad. This process is designed to evaluate the effectiveness of Facebook and our advertisements for statistical and market research purposes, and may help to optimize future advertising efforts. Information gathered using this tool allows Facebook to provide you with personalized ads when using Facebook.

    When you visit our Website, the Facebook Pixel establishes a direct connection with Facebook servers. Facebook is therefore informed that you visited our Website and may assign this information to your Facebook account.

    The data collected using the Facebook Pixel tool are anonymous with respect to us and cannot be used to identify you. The data are however stored and processed by Facebook, and this means that they can be linked to the respective Facebook account, and Facebook can use the data for its own advertising purposes, according to the Facebook privacy policy and the Facebook user’s profile settings. Facebook has ultimate control of any data gathered through this tool. However, you can opt out of Facebook’s use of the Facebook Pixel by adjusting the settings available on your Facebook account.

    Detailed information on the Facebook Pixel and the way your data are collected and processed can be found here: https://www.facebook.com/policy.php

    Google Analytics:

    Our Website uses Google Analytics, a web analysis program of Google Ireland Ltd. (Gordon House, 4 Barrow Street, Dublin, Ireland). Google Analytics uses cookies that are stored on your terminal device as well as your IP address, with an active IP anonymization feature. On our behalf, Google uses such information to analyze your use of our Website and provides us with reports and other services. The IP address transmitted from your terminal device to Google Analytics will not be merged with any other data of Google. Google will transfer your data to third parties only if permitted by applicable law or in accordance with outsourced data processing agreements.

    You can prevent the collection and processing of information generated by the Google cookie by placing an opt-out cookie or deactivating Google Analytics in the menu of your terminal device. More information can be found here: https://policies.google.com/privacy

    Full Story:

    We use analytics software and services offered by FullStory, Inc. to collect information regarding your behavior on our Website. For more information about FullStory, please see the FullStory privacy policy available at https://www.fullstory.com/legal/privacy/. You can opt out of FullStory’s collection and processing of data generated by your use of our Website by going to https://www.fullstory.com/optout/.

    Amplitude:

    We use analytics software and services offered by Amplitude Inc. (631 Howard Street, Suite 300, San Francisco, CA 94105, USA). This tool collects technical information, such as the type of your device, the operating system used, or the name of your provider. In addition, Amplitude tracks events that occur during use of our Service. Additional information about the manner in which Amplitude processes data can be found at: https://amplitude.com/privacy.

    Firebase:

    We also use Firebase as a software development platform for building, improving, and developing our App. Firebase is a company owned by Google Ireland Ltd. (Gordon House, 4 Barrow Street, Dublin, Ireland). When you use our App, some of the services of Firebase process your personal data during provision of our services. In such a situation, Google acts as a data processing entity under GDPR and processes such personal data on our behalf. You can find more information regarding how Firebase processes data at the https://firebase.google.com/support/privacy website.

  2. Services rendered by third parties:

    Our Website uses a promotional video provided by YouTube LLC 901 Cherry Ave., 94066 San Bruno, CA, USA), a company owned by Google Ireland Ltd. (Gordon House, 4 Barrow Street, Dublin, Ireland). If you decide to launch the video, the website provided by YouTube will pop up. If you are logged onto your YouTube account, YouTube will be able to combine your behavior with the other data you provide to YouTube. YouTube videos provide a better understanding of our services. For more information on this subject, go to the Google privacy policy available here: https://policies.google.com/privacy

    Certain services offered to you through the Website contain links to websites hosted and operated by companies other than us, in particular social media providers and mobile apps as well as voice assistant technology providers. We do not share your personal information with these third parties, but you should be aware that any information you disclose to these third parties once you access their websites is not subject to this Privacy Policy.

Amendments
We may revise this privacy policy from time to time. The most recent version of the privacy policy will govern our use of your personal data and other information we process, and will be posted on the Website. By continuing to access or use the Website and the services we render through it, once those changes take effect, you agree to be bound by the revised privacy policy. If you do not agree, you must cease using our Website immediately.
Contact
You can reach us:
Data Protection Officer (DPO)
Bearing in mind the security and transparency of the data processing procedures and the necessity of maintaining continuous supervision over them, we have appointed a Data Protection Officer (DPO). You can contact the DPO appointed using the dpo@infermedica.com e-mail address or using our postal address (please include the "Data Protection Officer" annotation).
Diagnostic technology is powered by Infermedica
This site uses cookies. For more information, see our Terms of Service, Privacy Policy and Cookies Policy.
Infermedica © 2021