LOGEX Privacy Statement for patients in the context of scientific research within ARWEN

General information

This Privacy Statement sets out how LOGEX International Healthcare Analytics B.V. and its group companies use and protect any personal data of you for the purposes of data analyses, the creation of reports and benchmarks, the performance and reporting of retrospective database research, or any other type of processing in relation to (scientific) research within the scope of our Actionable Real World Evidence Network (ARWEN). Reference in this statement to “LOGEX”, “we“ or “us” shall mean LOGEX International Healthcare Analytics B.V. and any of its group companies.

Below we explain what personal data we process as data controller, for which purposes, and how we ensure that your personal data is being collected and processed in accordance with applicable data protection laws including the General Data Protection Regulation (GDPR).

The scope of this Privacy Statement is limited to the use of your personal data for purposes of scientific research within ARWEN.

This Privacy Statement does not apply to our processing of personal data as a data processor on behalf of hospitals, as controllers, to improve care for patients. If you want more information about that, you can contact us at info@logex.com and we would be happy to answer any questions you may have.

For purposes of this Privacy Statement, “personal data” means any information that relates to you and identifies you personally, either alone or in combination with other information available to us.

Joint Controller

In the context of scientific research, LOGEX may qualify as a controller within the meaning of GDPR. In case we act as a joint controller (for example in research collaborations), we will agree upon a joint-controller agreement with the other controller(s). The joint-controller agreement will contain – at its minimum – information about the responsibilities of the controllers in regard to GDPR compliance.

Which types of personal data do we collect, for which purposes do we use them and on which legal bases?

Any personal data provided to LOGEX related to any type of scientific research will be used solely for that purpose. The types of personal data may include your name, age, date of birth, contact details, and additional personal data related to your health and medical history. Generally, we only process data that is already available as a result of your treatment in a hospital (retrospective study).

We process your personal data based on a legitimate interest (art. 6(1)(f) GDPR), for the purpose of scientific research (art. 9(2)(j) GDPR) and/or your consent (art. 6(1)(a) and art. 9(1)(a) GDPR). In the case of the latter, we will make sure to ask for your explicit informed consent.

The privacy and security of your personal data always comes first. With the personal data received, we can do scientific research which is important for public health and can give an insight on e.g., drug use, the way patients are treated in hospitals, and/or the impact of a drug on the hospital. We aim to speed up the generation of insights in the real-world to provide actionable insights to improve healthcare.

How long do we keep your data?

We retain your data for as long as reasonably needed for the purposes listed above. After that time your personal data will be erased (unless we have the statutory right or obligation to further keep this data).

With whom do we share your data?

We do not disclose your personal data to third parties, except to researchers from academic research institutes, universities, or university hospitals that participate in the research if required. Prior to signing the agreement for the scientific study, it will be disclosed which parties we collaborate with in the specific research. If data is shared with researchers, this is always in pseudonymised form.

Your personal data will never be disclosed to the financial sponsors of the research, such as a pharmaceutical company, even if that pharmaceutical company participates in the research and qualifies as joint controller within the meaning of GDPR.

How do we protect your data?

We are committed to ensuring that your personal data is secure. In order to prevent unauthorized people or parties from being able to access your data, we have put in place a range of technical and organizational measures to safeguard and secure the information we process from you.

What are your rights?

You are entitled to ask us for an overview of your information or ask for a copy. You may also ask us to correct or erase certain personal data and restrict its processing. In some cases, you may also object to the processing of your data and, where we have asked for your consent to process your data, you can withdraw this consent at any time.

If you have any questions or wish to exercise any of these rights, please contact us using the details below. When addressing us, please always provide your name, address and/or email address, as well as information about your request.

Changes to this Privacy Statement

We may update this Privacy Statement from time to time to keep it up to date, to keep pace with new developments and opportunities relating to the Internet, and to stay in line with applicable law.

If we make significant changes to this Privacy Statement, we will inform you by posting a notification on the website along with an updated version of the Privacy Statement.

If you have any questions about your data

We hope this Privacy Statement satisfies any queries you have about the way we process your data. Should you have any further questions or comments about how we process your personal data please contact us at info@logex.com. You can also directly contact our Data Protection Officer at bonthuis@itsprivacy.nl. If you have any unresolved concerns or complaints about the way we handle your personal data, you also have the right to complain to the data protection authority of the country in which you live or work or the country in which we are located.