This section describes which data we collect and what we collect it for so that you can ensure that the privacy of Atopic App users is not just important to us but a priority. Personal Data that You Provide Directly to UsGeneral Information
When creating an account for using the Atopic App, you provide us with the following personal information:
- e-mail address;
- date of birth;
- who has been diagnosed with AD (status "person with AD", "parent of a person with AD", "relative of a person with AD", "doctor").
By using the Atopic App, you can also provide information about yourself (your relative or child) related to well-being and/or skin condition, for example:
- a list of potential triggers of flare-ups;
- names of skin care products, medicines and the frequency of their use;
- photos that you upload and see after being processed by an AI model.
In using the app, the results of the POEM questionnaire and photo recognition made by the AI model ("severity" and skin lesion percentage), as well as data in the Reports section ("POEM", "Triggers" and "Action Plan" reports) are automatically generated based on the data that you enter. Personal Data We May Collect Automatically
When you access or use the Atopic App, we may collect the following data automatically: device information:
- hardware model;
- information on the operating system and its version;
- unique device identifiers (for example, IDFA);
- mobile network information.
app usage data, including the following:
- IP address;
- time zone;
- information on your mobile service provider.
- frequency of use;
- the functions used and the sections of the Atopic App that you visit;
- how the Atopic App has been used;
- interest in any function
We also reserve the right to use industry-wide cookie technology. Cookies are small pieces of text data that are stored in a web browser and allow the identification of the User.
- user identification when they visit the website;
- ensuring the proper operation of certain functions;
- detection and prevention of malicious activities;
- collection and processing of analytical data to improve products and services;
- saving user settings;
- displaying the most relevant ads.
Principles of Processing and Using Personal DataData Minimization and Targeted Use
We will not process your personal data in a manner that is incompatible with the purpose for which the data was collected, nor will we collect data that is not required for this purpose. Otherwise, we will seek your separate express consent.
Under no circumstances will we sell, disclose or transfer your personal data to third parties.
We respect your privacy.
Taking into account the possibility of using Atopic App by EU residents we take all appropriate technical and organizational security measures required to protect your personal information from improper access, change or destruction and ensure transparency in the process of collecting, storing and processing data. In particular, we use AppMetrica mobile analytics service and Google Cloud Platform that meet the GDPR requirements, which is confirmed by the documentation on the official websites: https://appmetrica.yandex.ru/docs/data-security/gdpr.html
. How Do We Use Your Personal Information?
We may use your e-mail address and your name in the following cases:
— to create an account in the Atopic App and identify you as a registered user;
— to send you messages related to your account in the Atopic App;
— to fulfill a request to upload your data from the Atopic App or delete your account
— to send letters to the specified e-mail address in order to inform you of new products, events and to implement other marketing tasks.
Other personal data (sex, date of birth, country of people who have been diagnosed with AD) and data related to your well-being and/or skin condition that you enter into the Atopic App or that are generated automatically as the app is used (triggers of flare-ups, medicine names, skin care products and the frequency of their use, the results of the POEM questionnaire, the data in the Reports section, photos and the AI model's recognition results) may be used to collect statistical data and to further analyse them in an anonymous form in order to better understand the disease, evaluate the effectiveness of treatment measures, expand functionality and enhance the user experience of all Atopic App users to monitor and boost physical well-being with AD.Your Rights and Control of Your InformationYour Consent to Data Processing
We cannot stop children under 18 from downloading the Atopic App, the app is not, however, intended for use by individuals under 18. If you are under 18, please discuss with your parent or guardian the possibility of creating an account and using the Atopic App to monitor and boost your well-being with AD if you have been diagnosed with it.
We grant broad rights in relation to your personal data confidentiality, namely:
— Rectification of personal data
If any information that you have entered into the Atopic App is inaccurate, outdated or incomplete, please contact us via our contact form in the app or by email email@example.com. We will do our best to rectify such information.
— Right to access your personal data
You have the right to request information about your personal data held by us, to access your personal data and receive a copy thereof, including in a structured form in a portable format (.json). This can be done using the "Upload Data" function in the app. Pursuant to the requirements of existing laws, we commit ourselves to maintaining you informed of any violations concerning your personal data.
— Deletion of your personal data
You can ask us to delete your personal data if you withdraw your consent to processing it by sending a letter to firstname.lastname@example.org or through the "Delete Account" function in the app. Please note that after deleting your account, you will not be able to retrieve any data previously entered into the Atopic App.Additional Information
To exercise any of your privacy rights, please contact us via our contact form in the Atopic App or by email email@example.com.
We will ensure that such rights are exercised within 30 days of receiving your request. If we need more time, we will inform you thereof and explain the reasons for the delay.
We also would like to draw your attention to the fact that we reserve the right to reject requests if they are not explicitly justified or are redundant (repetitive). Furthermore, in certain cases, we may require you to undergo additional verification and verify your identity to make sure that the request comes from the same e-mail address that you provided when registering with the Atopic App. This is to ensure that the response to your request does not violate the rights of third parties.Generalized Information for Research Purposes
We may aggregate, anonymize or depersonalize your personal data in such a manner so that it cannot be used to identify you. As such, data is no longer considered personal data. We may share this data with doctors, scientists, research institutions. For example, we may share aggregated statistics relating to certain activities in the Atopic App, information on triggers or treatment regimens which were derived from data collected to identify meaningful patterns among app users, and use the data in scientific articles and publications, including in social networks. The disclosure of such data to interested and competent persons contributes to the success of scientific research, improvement of existing and faster search for new and effective solutions for atopic dermatitis.Personal Data Storage
We will store your personal data for as long as your Atopic App account is active, thus ensuring full access to all app features.
If you decide to remove the app, or if your account is inactive for some time, we will retain your personal data for a reasonable period in case you decide to start using the app again.
This will allow you to save your data accumulated for the entire period of app usage, and, if necessary, provide this data in the future at a doctor's appointment to analyze the history of changes and choose further treatment policy.Personal Data Protection
Given the nature of the personal data we process (including data related to well-being and/or skin condition), we take all reasonable and appropriate measures to protect all collected personal data against loss, theft, misuse and unauthorized access.
To protect your personal data, we implement, among other things, the following information security measures:
- Encryption of your Personal Data during transmission and storage;
- Pseudonymization and tokenization of certain categories of your Personal Data;
- Systematic vulnerability scanning and penetration testing;
- Access level differentiation. Employees of AVANTATRADING OOO and members of the Atopic App team have different levels of access to your personal data; only employees who are responsible for smooth app operation and data management within the scope of their functions are allowed full access.
You should understand that no security system is perfect, so we cannot guarantee the complete security of the app, nor can we guarantee that information you supply will not be intercepted while being transmitted to us. Thus, each user's responsible attitude towards their data confidentiality is no less important. In particular, we recommend that you do not allow other persons to use your mobile device if there is a risk of unauthorized access to your personal information and other data that you enter into the Atopic App. Security Breach
If you want to report an app data security breach, please let us know by email firstname.lastname@example.org. Storage and International Transfers of Personal Data
The company is located in the Russian Federation and actions with regard to the Personal Data we collect are governed by the laws of the Russian Federation. Please note that the laws of the Russian Federation and other countries' laws may not ensure the same degree of protection as the laws of your jurisdiction.
Furthermore, you agree that the collected Personal Data may be stored and processed in the United States, the Russian Federation and the EU, where the Company may rent servers, or in any other country where the facilities of the Company or its branches, subsidiaries or agents are located, and by using the Application you consent to any such transfer of Personal Data outside of your country. Miscellaneous