BGaze: PRIVACY POLICY

Here you can learn about our privacy practices regarding our websites, applications, cognitive assessments, attention control training apps, e-mail notifications, advertisements, commerce services and other covered services that are linked to these Terms (collectively , 'Services').

Specifically we cover below the following aspects :

1. Information share with us

When you use our Services, we collect the following types of information.

2. How we use the information you share with us

We use the information we collect for the following purposes.

Communicate with you

We use your information when necessary to send you notifications of the Service and respond to you when you contact us.

strong>Provide and maintain services

Using the information we collect, we can deliver the Services you have contracted by accepting our Use Terms and Conditions (here link) with you.

strong>Customer Support

We use the data that you communicate in customer service dialogues to resolve your doubts and problems, and possibly also to learn how to improve our services.

strong>Optimize security and protection of your data

The data you share with us also helps us to optimize the security of the Services without complicating their use too much. It is used to authenticate users, allow secure payments, respond to a request of a public authority, to satisfy auditing requirements and in similar situations.

strong>Improve, Customize and Develop Services

We use the information you share with us to improve and personalize the Services and to develop new Services. For example, to train our artificial intelligence algorithms.

strong>Our COMPLIANCE or the General Data Protection Regulations

The General Data Protection Regulation (RGP) is based on European Regulation 2016/679, of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and the circulation of this data.

For the personal data subject to the GDPR, we use methods of processing the data that respect the requirements of the GDPR . We always ask for your consent, which you can withdraw at any time informing us of your preferences by email at info@braingaze.eu.

strong>Compliance with HIPAA requirements

Our BGaze systems handle sensitive data about the health of people with special rigor, complying with all the requirements of the HIPAA regulations. The access to our software and our databases requires user identification and password; the data is stored in encrypted form and the communication of this data between the cloud and its local application is also done with encryption. In addition, our systems have a double 'back-up' in several physical places that is also encrypted.

strong>Use of sensitive health data in aggregated or anonymized form

As part of our 'Machine Learning' approach, we use certain data of yours (and of your clients, whose diagnostic processes include a use of the BGaze system) that have to do with aspects of your (or their) health in an anonymized and / or aggregated way, always ensuring that no person is identifiable by this use.

3. How much do we share the information

As a general rule, WE DO NOT SHARE your personal information; except in some specific cases defined below.

If you ask us or you explicitly authorize us

If you use our Services and in this process you give us explicit consent to share your personal data with entities and / or specific persons, for example because you want them to review your case, or because you collaborate in a scientific investigation.

Service providers that require this data

We share minimum information with our corporate affiliates, service providers and other partners who process it for us, based on our instructions and in accordance with this policy and any other appropriate measures of confidentiality and security. These partners provide us with services worldwide, including development, maintenance, customer support, information technology, payments, sales, marketing, data analysis, research and surveys. They will have access to your information as reasonably necessary to perform these tasks on our behalf and are obligated not to disclose it or use it for other purposes.

The law, the damage and the public interest

We may preserve or disclose information about you to comply with a law, regulation, legal process or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect or investigate illegal activity, fraud, abuse, violations of our terms or threats to the security of the Services or the physical security of any person.

Our policy is to notify you of the legal process seeking access to your information, such as search warrants, court orders or subpoenas, unless the law prohibits us from doing so. In cases where a court order specifies a period of non-disclosure, we provide a delayed notice after the expiration of the non-disclosure period. Exceptions to our notification policy include demanding or counterproductive circumstances, for example, when there is an emergency involving a danger of death or serious physical injury to a person.

Non-Personal Information

We may share aggregated non -personal information or de- identified so that it can not reasonably be used to identify an individual. We may disclose such information publicly and to third parties, for example, in public reports on mental health, to partners under confidentiality agreement with us, or as part of the comparative assessment information offered to investors or others interested in the company as an investment object.

4. Rights of access and control of personal data

During the configuration of the account you can define how to control your personal data. You will also have to accept during the installation process the fact that BGaze saves data about your clients. We require that you inform your clients of these conditions so that they are aware that their data will be stored in our system. More specifically, the following aspects are defined.

Access and data export

During a session of interaction with our system, you can access much of the information you have provided, including those of your clients / patients. Both during the use of our systems according to any use agreement, and after terminating an agreement of use, you can consult your previously captured data and even export your data from the BGaze application in a format that you can use to import them into another application.

What happens to your data if you are no longer a BGaze paying user?

If you decide to stop using the BGaze tool to improve your diagnostic work, you can continue to use the data collected during its use; the local application on your PC will continue to work offering access to all your data stored in a local database.

We keep your account and its data even after you have stopped using BGaze to the extent necessary to comply with legal obligations, to comply with regulatory requirements, maintain security, prevent fraud and abuse, respect our Terms of use.

We will retain anonymized information from your clients / patients after their use agreement has been terminated. Other information that you have shared with us (for example, 'input' from parents, teachers, collaborators, health professionals , researchers ) is included in this anonymized information.

Objection to the use of data

If so required by any law that is above this User Terms and Conditions, we will offer you the possibility to object to the use of such information as defined in the above paragraphs on how we use information. You also have the general right not to let us use your information for marketing and direct sales. You may change some of your preferences in your account settings or you can contact us through info@braingaze.eu.

How to communicate if you want to define more about the use of your data

If you need more help regarding your rights, please contact our Data Protection Officer at info@braingaze.eu . If you live in one of the countries of the European Union (EU), the European Economic Area (EEA) or Switzerland, you also have the right to file a complaint with the local data protection authority.

5. Data retention

We keep all information about your account for as long as your account exists. We also keep information about you and your use of the Services for an indefinite period of time for our legitimate business interests including for legal reasons.

6. Analytics and Advertising Services Provided by Others

We work with suppliers of analysis and advertising services. These help us understand how our users interact with our Services, publish our ads on the Internet and analyse the performance of these ads. These companies may use cookies and similar technologies to gather information about your interactions with the Services and other websites and applications. To learn more and about your privacy options, please refer to to our statement of Use of cookies.

7. Data of minors

Here we refer to people under 18 years of age. Some of our Services are directed to, and validated for, minors. Only for these Services, we collect personal information from minors in relation to relevant characteristics for a diagnosis and / or treatment.

When our Services intended use require asking for personal information about children, it is necessary that the clinical-professional user of our Bgaze system who uses our Services in their clinical work notifies the parents (a parent or legal guardian) about the information practices regarding to children, including the types of personal information we can collect from children, the uses to which we can put that information, and with whom we can share that information. According to applicable laws, you must even obtain the consent of parents or legal guardians for the collection of personal information of your children, or for sending information about our Services directly to your children or guardians and others in the environment of these children.

We on our part limit the personal information of children that we keep to what is strictly necessary to participate in the applicable Service and we give parents or legal guardians access or the possibility of requesting access to the personal information we have collected from their children and the possibility of requesting that personal information be changed or deleted.

Parents who believe their child has sent us personal information and wish to have it removed can contact us at info@braingaze.eu

8. Security of our communication systems and information

We implement security systems such as HTTPS and advanced 128-bit encryption. We monitor our systems to detect possible vulnerabilities and attacks. However, it is not possible to guarantee 100.00% the security of information sent to us. There is no infallible guarantee that the data cannot be accessed, revealed, altered or destroyed due to the breach of any of our physical, technical or management safeguards.

If you have any questions related to safety information, contact our customer service at info@braingaze.eu

9. Our international operations and data transfers

We are an international company with offices and clients in several countries; as a consequence, we may transfer personal information between entities that are part of the group of companies or to third parties in places around the world for the purposes described in this privacy policy.

In these information transfers we will always take reasonable measures to ensure the privacy of personal information. If we use or disclose personal information transferred from the European Union, we use means in accordance with European Union law to guarantee adequate guarantees.

The countries in which our services can be contracted may have privacy and data protection laws that differ from the laws of the countries where we are legally established . You accept this fact when you create an account for a BGaze system . If you later change your mind about this matter, you can delete your BGaze account as described in the relevant section.

10. Changes to this policy

From time to time, we will need to change this Privacy Policy to adapt to new technologies, clinical practices, regulations or for other reasons. We will notify you if these changes are substantial and, when required by applicable law, we will ask for your consent. Such notifications of changes can be communicated by email, by posting notice of such changes in our services user interfaces, or by other means, in accordance with applicable law.

By continuing to access or use the Services after such changes take effect, you agree to be bound by the revised Privacy Policy.

11. How to contact us

If you have questions, suggestions or concerns about this policy or about the use we make of your information, please contact us at info@braingaze.eu

If you live in one of the countries of the European Union (EU), the European Economic Area (EEA) or in Switzerland and wish to exercise some of your legal rights, please contact our data protection officer at info@braingaze.eu

You can also contact us by mail at:

Braingaze.

Effective: May 25 , 2018