The BGaze system aim to help detect cognitive profiles in order to offer a mental health professional relevant information to be able to make decisions with more confidence about their diagnosis and treatment. In a clinical setting, the information offered Bgaze Light (interpreted by a qualified mental health professional ) can help in making clinical decisions. BGaze Light does not intend to directly represent a medical diagnosis of any kind. A diagnosis of cognitive or neurodegenerative disorders can only be made by a physician or psychologist who is qualified considering an ample range of possible factors. According to the intended use, Braingaze does not indicate that BGaze Light is or should be considered as a medical device certified by the FDA as a medical device or under the rules of the CE Mark for these devices. Bgaze Light can be used for research studies in the area of cognition and attention. If you use it for research, that should be done in the appropriate way applying procedures as defined by the applicable laws in your geography.
Here you can learn about our privacy practices regarding our websites, applications, cognitive assessments, attention control training apps, e-mail notifications, advertisements, commerce services and other covered services that are linked to these Terms (collectively , “Services”).
Specifically we cover below the following aspects :
- Information we collect
- How we use the information
- How information is shared
- Your rights of access and control of your personal data
- Data retention
- Analytics and Advertising Services Provided by Others
- Our policies for children
- Safety information
- Our international operations and data transfers
- Changes to this Policy
- How to get in touch with us
Information share with us
When you use our Services, we collect the following types of information.
1.1. Information that you provide us
In order to use our Services you need to create an account by providing us with relevant information. This information can include your name, a valid email address, a strong password, as well as your date of birth and gender.
This is the minimum information we need to create an account. The user name you choose is public, but you can choose a pseudonym, you do not need to put your real name as user ID. As per your own judgment, you can provide other additional information, such as your profile picture, biography, nationality, location, company, university and profession.
To help improve your experience or enable certain features of the Services, you may choose to provide us with additional information, such as health-related details or contact details of symptom informants or clinical experts that can be contacted through the Services.
If you provide information about people who can give information about the presence of symptoms, we assume that you have asked them for permission to share this information.
Logically, if you contact us or participate in a survey, event or promotion, we receive and archive the information you send us, such as your name, contact information and your possible message.
Payment and Card Information
To contract our services, you probably need to provide us or a third party with secure payment services: payment information, including an IBAN bank number and / or a credit or debit card number, expiration date of the card, CVV code and billing address. In case of credit card information, as these payments are processed by a third-party payment processor, Braingaze does not store this credit card payment information directly. Please note that third-party payment processors may retain this information in accordance with their own privacy policies.
Braingaze work with the following payment processors:
1.2. Information we receive from your use of our services
Information about the device and its location
When entering or leaving our websites that offer Services, we may keep the URL of both the site from which it comes and the site you will visit below. We can also save information about your IP address, operating system, web browser and add-ons, device identifier and features, and / or ISP or your mobile phone provider. If you use our Services from a mobile device, that device may share with Braingaze data about your location if the configuration of your phone allows it.
So that our services work well, sometimes we have to collect information about your browsing on our website and others that may have directed you to ours. This includes links to the emails we send you and links to Braingaze that appear on other websites or mobile applications.
By clicking on a link or external advertisement in our Services, a possible advertiser or website operator registers if it comes from Braingaze websites . We can also collect data about the ad you have clicked, other personal information, such as cookies or an IP address.
When you access or use our Services, usage data that we save is generated. It is information regarding the interaction with our servers: information about the creation or login to your account, searches within our websites, installations of software.
Our systems can also collect data about the devices and equipment used to access the Services; such as IP addresses, language, browser type, operating system, device and application identifiers, visited pages, location (depending on the permissions granted to us) and certain information about cookies.
Information about your Health and other personal information
As regards the information that we receive from you, including health data and other personal data subject to the General Regulation of Data Protection of the European Union (“GDPR”), the collection of this data will be accompanied by a window in which we ask for your explicit consent to use them. You can withdraw your consent at any time by sending an email to firstname.lastname@example.org
Allies and other third parties
It may be that we receive your personal data when you use services of our clients and our allies. In that case we operate from the assumption that these clients and allies have previously secured your consent with this Policy. In case you are such a client or ally, please respect this clause and make sure your patients and clients are in agreement.
How we use the information you share with us
We use the information we collect for the following purposes.
Communicate with you
We use your information when necessary to send you notifications of the Service and respond to you when you contact us.
Provide and maintain services
Using the information we collect, we can deliver the Services you have contracted by accepting our Use Terms and Conditions (here link) with you.
We use the data that you communicate in customer service dialogues to resolve your doubts and problems, and possibly also to learn how to improve our services.
Optimize security and protection of your data
The data you share with us also helps us to optimize the security of the Services without complicating their use too much. It is used to authenticate users, allow secure payments, respond to a request of a public authority, to satisfy auditing requirements and in similar situations.
Improve, Customize and Develop Services
We use the information you share with us to improve and personalize the Services and to develop new Services. For example, to train our artificial intelligence algorithms.
Our COMPLIANCE or the General Data Protection Regulations
The General Data Protection Regulation (RGP) is based on European Regulation 2016/679, of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and the circulation of this data.
For the personal data subject to the GDPR, we use methods of processing the data that respect the requirements of the GDPR . We always ask for your consent, which you can withdraw at any time informing us of your preferences by email at email@example.com.
Compliance with HIPAA requirements
Our BGaze systems handle sensitive data about the health of people with special rigor, complying with all the requirements of the HIPAA regulations. The access to our software and our databases requires user identification and password; the data is stored in encrypted form and the communication of this data between the cloud and its local application is also done with encryption. In addition, our systems have a double ‘back-up’ in several physical places that is also encrypted.
Use of sensitive health data in aggregated or anonymized form
As part of our ‘Machine Learning ‘ approach, we use certain data of yours (and of your clients, whose diagnostic processes include a use of the BGaze system) that have to do with aspects of your (or their) health in an anonymized and / or aggregated way, always ensuring that no person is identifiable by this use.
How much do we share the information
As a general rule, WE DO NOT SHARE your personal information; except in some specific cases defined below.
If you ask us or you explicitly authorize us
If you use our Services and in this process you give us explicit consent to share your personal data with entities and / or specific persons, for example because you want them to review your case, or because you collaborate in a scientific investigation.
Service providers that require this data
We share minimum information with our corporate affiliates, service providers and other partners who process it for us, based on our instructions and in accordance with this policy and any other appropriate measures of confidentiality and security. These partners provide us with services worldwide, including development, maintenance, customer support, information technology, payments, sales, marketing, data analysis, research and surveys. They will have access to your information as reasonably necessary to perform these tasks on our behalf and are obligated not to disclose it or use it for other purposes.
The law, the damage and the public interest
We may preserve or disclose information about you to comply with a law, regulation, legal process or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect or investigate illegal activity, fraud, abuse, violations of our terms or threats to the security of the Services or the physical security of any person.
Our policy is to notify you of the legal process seeking access to your information, such as search warrants, court orders or subpoenas, unless the law prohibits us from doing so. In cases where a court order specifies a period of non-disclosure, we provide a delayed notice after the expiration of the non-disclosure period. Exceptions to our notification policy include demanding or counterproductive circumstances, for example, when there is an emergency involving a danger of death or serious physical injury to a person.
We may share aggregated non – personal information or de – identified so that it can not reasonably be used to identify an individual. We may disclose such information publicly and to third parties, for example, in public reports on mental health, to partners under confidentiality agreement with us, or as part of the comparative assessment information offered to investors or others interested in the company as an investment object.
Rights of access and control of personal data
During the configuration of the account you can define how to control your personal data. You will also have to accept during the installation process the fact that BGaze saves data about your clients. We require that you inform your clients of these conditions so that they are aware that their data will be stored in our system. More specifically, the following aspects are defined.
Access and data export
During a session of interaction with our system, you can access much of the information you have provided, including those of your clients / patients. Both during the use of our systems according to any use agreement, and after terminating an agreement of use, you can consult your previously captured data and even export your data from the BGaze application in a format that you can use to import them into another application.
What happens to your data if you are no longer a BGaze paying user ?
If you decide to stop using the BGaze tool to improve your diagnostic work, you can continue to use the data collected during its use; the local application on your PC will continue to work offering access to all your data stored in a local database.
We will retain anonymized information from your clients / patients after their use agreement has been terminated. Other information that you have shared with us (for example, ‘input’ from parents, teachers, collaborators, health professionals , researchers ) is included in this anonymized information.
Objection to the use of data
If so required by any law that is above this User Terms and Conditions, we will offer you the possibility to object to the use of such information as defined in the above paragraphs on how we use information. You also have the general right not to let us use your information for marketing and direct sales. You may change some of your preferences in your account settings or you can contact us through firstname.lastname@example.org.
How to communicate if you want to define more about the use of your data
If you need more help regarding your rights, please contact our Data Protection Officer at email@example.com . If you live in one of the countries of the European Union (EU), the European Economic Area (EEA) or Switzerland, you also have the right to file a complaint with the local data protection authority.
We keep all information about your account for as long as your account exists. We also keep information about you and your use of the Services for an indefinite period of time for our legitimate business interests including for legal reasons.
Analytics and Advertising Services Provided by Others
Data of minors
Here we refer to people under 18 years of age. Some of our Services are directed to, and validated for, minors. Only for these Services, we collect personal information from minors in relation to relevant characteristics for a diagnosis and / or treatment.
When our Services intended use require asking for personal information about children, it is necessary that the clinical-professional user of our Bgaze system who uses our Services in their clinical work notifies the parents (a parent or legal guardian) about the information practices regarding to children, including the types of personal information we can collect from children, the uses to which we can put that information, and with whom we can share that information. According to applicable laws, you must even obtain the consent of parents or legal guardians for the collection of personal information of your children, or for sending information about our Services directly to your children or guardians and others in the environment of these children.
We on our part limit the personal information of children that we keep to what is strictly necessary to participate in the applicable Service and we give parents or legal guardians access or the possibility of requesting access to the personal information we have collected from their children and the possibility of requesting that personal information be changed or deleted.
Parents who believe their child has sent us personal information and wish to have it removed can contact us at firstname.lastname@example.org
Security of our communication systems and information
We implement security systems such as HTTPS and advanced 128-bit encryption. We monitor our systems to detect possible vulnerabilities and attacks. However, it is not possible to guarantee 100.00% the security of information sent to us. There is no infallible guarantee that the data cannot be accessed, revealed, altered or destroyed due to the breach of any of our physical, technical or management safeguards.
If you have any questions related to safety information, contact our customer service at email@example.com
Our international operations and data transfers
In these information transfers we will always take reasonable measures to ensure the privacy of personal information. If we use or disclose personal information transferred from the European Union, we use means in accordance with European Union law to guarantee adequate guarantees.
The countries in which our services can be contracted may have privacy and data protection laws that differ from the laws of the countries where we are legally established . You accept this fact when you create an account for a BGaze system . If you later change your mind about this matter, you can delete your BGaze account as described in the relevant section.
Changes to this policy
How to contact us
If you have questions, suggestions or concerns about this policy or about the use we make of your information, please contact us at firstname.lastname@example.org
If you live in one of the countries of the European Union (EU), the European Economic Area (EEA) or in Switzerland and wish to exercise some of your legal rights, please contact our data protection officer at email@example.com
You can also contact us by mail at:
Effective: May 25 , 2018