We take seriously the protection and privacy of users of our online and mobile applications, and take the measures required to safeguard them.
When they first register on the Mon Gustave Roussy (online or mobile) application, users must provide the following data:
• First name,
• Phone number,
• Email address,
• Date of birth,
• Name at birth,
During medical supervision, users will be required to provide other personal data (the content of which will depend on the protocol defined by the healthcare institution).
By default, Nouveal also collects identification data and information provided by the user’s platform. This is intended to ensure the smooth functioning of the service. These data are anonymised before they are processed.
The personal data collected via the application are used to create and provide access to Mon Gustave Roussy.
The data entered on the various forms, check lists and questionnaires will solely be used by the Healthcare Institution to prepare the User’s hospitalisation and/or monitoring of the User when they return home.
The identification data are used to:
• Draw up anonymous statistics on use,
• Carry out operational maintenance of Mon Gustave Roussy, and
• Provide a push notification service.
Data linked to monitoring may also be stored in the medical record of the healthcare institution if interoperability is introduced between the two systems.
The retention periods of the data correspond to the legal periods (10 years after the death of the patient, or 20 years after their last stay in the healthcare institution).
Users can exercise their rights to access, rectify, restrict or object to processing, portability and to be forgotten, under the conditions specified by the General Data Protection Regulation, by contacting the data protection officer of the healthcare institution.
When they create their account, users must accept the personal data management policy to be able to use Mon Gustave Roussy. They can withdraw their consent at any time by contacting the data protection officer of the healthcare institution.
The personal data that are collected via the Mon Gustave Roussy applications are stored in a secure environment (cf. previous paragraph). Those working for Nouveal or its subcontractors are required to keep the information to which they have access confidential.
Nouveal applies the following measures to ensure the security of the personal data:
• SSL (Secure Sockets Layer) protocol
• Access management – authorised persons and data subjects
• ID / password
Nouveal undertakes to maintain a high level of confidentiality by incorporating the latest technological innovations to ensure the confidentiality of transactions. However, as no mechanism is entirely secure, there is always a risk involved when using the internet to send personal data.