We’re committed to safeguarding your privacy.
This is because we do require the minimum quantity of data we request in order to provide you with a safe and effective medical device.
1.1. The personal data SkinVision collects
To be able to help you monitor the health of your skin, certain information is necessary for us to be able to provide you with our Services. You can sign up for our service in the App using your email address. We collect information about the device you use to access our App or Websites. The type of information we collect can, for example, include the type of your device, the software you use, location, device language and your IP address. In addition to this, we collect the data you provide in the App including the answers to the questionnaire regarding your skin profile and the pictures you take.
1.2. Why SkinVision collects your data
We use your data to assist you in the best possible way, and provide you with a safe and effective medical device. We need certain data in order to provide you with our full service and assist you with your health journey. We may also use your data for clinical and research purposes to improve our service. Furthermore, your information may be used for customer service, marketing, communications, and for legal purposes.
1.3 SkinVision through your health insurance company
When you access SkinVision Services through your health insurance company, we may process additional data.
1.4. SkinVision and third parties
SkinVision has third party service providers that help us provide or improve our service, this includes service providers, payment providers and financial institutions, business partners or research institutions.
1.5. SkinVision and social media
On our Website, we have share and like buttons to enable you to share our content with your network.
1.6. Privacy, data security, and data retention
SkinVision has implemented various measures and procedures to safeguard your personal data, as stipulated by European and Dutch data protection law. We will retain your data for 12 months after you unsubscribe from our service.
1.7. Personal data of children
Our service can only be used when you have reached the age of eighteen (18) years or when you are older.
1.8. Your rights – access to your information
At any time you can make a request to review, correct, delete, obtain your data. You are also entitled to withdraw consent for the processing of the personal data we hold of you. You can do this by mail or email, using the addresses listed below. You also have the right to contact the Dutch Data Protection Authority when you have concerns about your rights.
You can also request that SkinVision deletes your personal and health data. In that case, you can send your request via email@example.com.
1.9. Responsible party for the processing
SkinVision B.V., located in Amsterdam, The Netherlands, is the owner and operator of the service and is the controller of personal data processed via the Website and the App.
Please find the full explanation on how we process your data below.
2. The personal data SkinVision collects
2.1 Personal data you provide to us
The data you provide to us is collected and used (“processed”) by us to provide you with our best service. The minimum information you are asked for to provide us is your first and last name, date of birth and email address in order to access our service.
In our App, you can provide further information regarding your skin type and risk profile. We also collect the pictures you take of your skin lesions and the way you store, organize and comment on them. Without your explicit consent, we are not allowed to store this type of information, and we cannot provide you with our service.
Other information we collect is your payment information and the information you provide to complete your personal profile: your first name and last name, profile picture, gender, date of birth, location, phone number, language.
When you use our Smart Check services and submit a picture of your skin lesion for analysis by our service, we store the pictures and collect the information of your assessment. We do this to be able to assist you with your health journey. We will ask for your explicit consent to allow us to store this type of information before you use such service, without your consent we cannot provide you with our service.
As part of your health journey, we may send you follow-up emails regarding the provided advice and to assist you by reminding you to seek medical attention when necessary. If you wish to reply to these emails and get in touch with our Customer Support we will collect the information that you provide in these replies from you too.
When you use our App, we also collect data that identifies your mobile device and your use of the platform. The information we store includes notification access, device-specific settings and characteristics, system activity, location details, IP address, language settings, app crashes and other device event information, access data and times of your usage of the app.
We collect information when you give us feedback via your Apple App Store, Google Play Store or the questionnaire.
2.2 Personal information you provide us regarding the health of others
Our service is exclusively meant for your personal use. If you want to help others, please do so by encouraging them to download their own version of SkinVision. This will help them with their health journey and ensures that any health-related messages will be delivered to the right person.
2.3 Automatically collected personal data
During your visit to our Website or App, we automatically collect certain information of you, your visit of the service and the device you are using. This data includes data on the hardware, software, operating system, internet browser, IP address, language and application settings and version. We also collect data about when and how you used the service, including interaction with the elements on it and which pages you visited in the App or on the Website.
3. Why SkinVision collects your data
We use your data to assist you in the best possible way, your data may be used for the following reasons:
Health journey: The main reason why we collect your personal data is to supply you with our core service: assistance with your skin health journey and assist you with the early detection of irregular patterns on your skin, which can be a potential sign of the development of skin cancer.
Management and improvement of our Services: We use your information to manage our Website, App, and business and to improve our services continuously.
Customer Service: Our customer service is here to help you and we use your data to do so. We may send you email notifications and/or in-App messages relating to the results of the analysis, this includes emails in which we provide you with information and ask you to provide us with information about possible follow-up actions.
Marketing: In order to keep you informed, we may send you communications relating to our business, by email or other contact details you provided to us. If you submit personal information for publication on our Website, we will use that information in accordance with the license you grant to us.
Communications: We will send you communication regarding assessments you make via the App. If you opt-in for our mailing list, we may send you non-commercial communications, including our newsletter. When you use our services, we may send you a questionnaire or invite you to provide a review of your experiences with our service. We also may get in touch with you regarding feedback, inquiries, and complaints you made regarding our Website and App.
Research activities: In order to support the research on skin cancer and detection methods, we may use your data, pseudonymized (without a direct link to your identity) or anonymized (without us being able to identify you at all), for research purposes. This may include sharing your data with carefully selected third party research institutions. By uploading your images in the App, you explicitly consent to the images being processed for the purposes of the provision of the services and to be used anonymously for the purposes of research and testing of our services. As such, your images may be reviewed by our employees or third-party consultants who work for us and who are bound by strict confidentiality.
We collect and process your data based on the following legal grounds:
Contractual necessity: In order to fulfill the contract you enter into with us when you use our Services, we have to process some essential information. When you wish to use one of our paid services we may need to process your email address, pictures of skin lesions, risk assessment, payment information.
Legitimate interests: We are committed to improving and growing our service. Some of your data can help us to improve and promote our Service and Website, other data we may need for administrative, legal purposes or anti-fraud activities.
Legal obligations: We have to comply with certain laws and (country specific) regulations. In order to comply with these, we need information about your location and date of birth.
Consent: For certain promotional and marketing activities, we may ask additional consent. When you wish to withdraw your consent, please contact us via the contact details at the bottom of this Policy.
Explicit consent: Data regarding the health of your skin and risk assessments is a more sensitive category of data. In order to lawfully process this data for you, we will ask your explicit consent before we can assist you. When you wish to withdraw your consent, please contact us via the contact details at the bottom of this Policy. When you withdraw your consent, we will not be able to provide you with our Services and you should discontinue using our Services.
4. SkinVision through your health insurance company
When you access SkinVision Services through your health insurance company, we may process additional data. For example, we may ask you to fill in your personal identity number if we are required by local law to process this information before we can provide you the service.
5. SkinVision and third parties
For some specific reasons, SkinVision may share your personal data with carefully-selected third parties. These parties are Processors for your personal and health data. Please find an up-to-date list of the categories of our third parties here:
Receiving feedback on how users appreciate our service is of vital importance. We use Satismeter to ask users to provide the Net Promotor Score (NPS) and leave their remarks. We therefore share the email address of our users.
We use Branch.io in our service to allow deeplinking into our applications. This way we can provide a seamless user experience.
Crashlytics is used for recording crash data and providing this back to our development team so that we can continue making our service better continuously.
Our app uses Firebase for analytic purposes and to send you push messages.
We use Leanplum as a marketing automation and customer support tool.
Sendgrid handles sending any service mails that we need to deliver as part of the SkinVision Service. We therefore share the email address of our users.
We occasionally use Survicate and Survio for sending out surveys to some of our users to receive feedback on our service. We therefore share the email address of our users.
Twilio handles sending any SMS text messages that we need to deliver as part of the SkinVision Service.
We use Zendesk as our main customer support tool for handling emails.
For scientific research purposes, we share data with Erasmus MC and TTP Zorg
We provide aggregated and anonymised data to your insurance company
6. SkinVision and social media
SkinVision uses social media for various reasons.
On our Website, we integrated social media like and share buttons (Facebook, Twitter, LinkedIn, Reddit), which allows you to share the content you like directly with your network. The social media plugins may process your personal data when you choose to share or like any content of our Website with your network. SkinVision does not control and is not responsible for, the processing of personal data by these networks.
7. Data privacy, security, and data retention
All data you provide to us and we collect from you is stored on secure cloud servers (the Servers) in the territory of the European Union, or stored by trusted third party service providers outside of the EU, which are held to similarly high standards. As a result, your personal information may be transferred to and stored at a destination outside your country. By submitting your personal information, you agree to the transfer of your personal information to the servers.
Personal information may also be processed by staff or by other third party service providers operating outside your country who work for us. We take such steps as are necessary for the circumstances to ensure that any third party service providers treat your data securely and in accordance with applicable laws.
7.2 Data security
All data that you provide through the App and/or the Website is encrypted when it is transferred to or from the servers using industry-standard encryption (TLS). Furthermore, data is stored in encrypted form when at rest on the servers.
We store your account information and your digital images in separate data stores. The cloud server infrastructure is protected using firewalls and monitoring.
We work with appropriate procedures to prevent unauthorised access to and/or misuse of your personal data.
SkinVision uses appropriate procedures and business systems to safeguard your personal data. Furthermore, we use security procedures and technical and physical restrictions for accessing and using the personal data on our servers. Only authorized personnel can access your personal data.
7.3 Data retention
SkinVision will destroy or de-identify your personal information once it is no longer required for the purpose or purposes for which it was collected.
If you terminate the Services and delete your account, we will retain your personal information for a period of 12 months, after which we will delete your data. We will retain the images you have uploaded prior to termination in anonymous form only, for the purposes of medical, clinical and commercial research, and for testing of the Services. We will ask for your consent to process your data anonymously for research purposes.
We will retain (electronic) documents containing personal information:
to the extent that we are required to do so by law;
if we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and
in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
8. Personal data of children
Our service can only be used when you have reached the age of eighteen (18) years or when you are older. When we identify personal information of children younger than eighteen (18) years old, we shall delete the data based on our legal obligations.
9. Your rights – access to your information
We will, upon your request, provide you with access to your personal information that is held by us. We will provide the data to you in a structured, understandable and machine readable way. We request that you provide us with appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport plus an original copy of a utility bill showing your current address). We will require you to make your personal identification number and picture invisible to us.
In your request for access, we also request that you identify, as clearly as possible, the type(s) of information you wish to have access to. We will comply with your request to provide access to your personal information within 30 days and if you agree, we may charge you our reasonable costs incurred in supplying you with access to this information.
At any time you can make a request to review, correct, delete, or obtain your data. You can also withdraw consent for the processing of the personal data we hold of you. You can make such request by mail or email, using the addresses listed below. You also have the right to contact the Data Protection Authority when you have concerns about your rights, or if you feel that we are unlawfully processing your data.
You may oppose the processing of personal information concerning you, even if they are relevant to the purpose of the collection.
You may instruct us at any time not to process your personal information for marketing purposes and we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes.
10. Responsible party for the processing of your data
The Websites and the Application are owned and operated by SkinVision B.V., our principal place of business is at Kraanspoor 28, 1033 SE Amsterdam, The Netherlands. You can contact us by writing to the business address given above, by using our Website contact form or the feedback form in the App, or by sending an email to the Data Privacy Officer at firstname.lastname@example.org.
Date of publication: 17 sep 2020.