Deniplant, Ego-Deniplant and Magazin Deniplant do not store personal data
That’s why when registering as a user, we ask you to use a different name and surname than the real ones.
Thus, all the records you add to the application cannot be correlated with your person, and the data are anonymized as provided by the GDRP legislation
The email address is only necessary to recover your password if you forget it
The main purpose of the EGO application is to allow users to remember and process all their habits that are related to their health and their microbiome: food, sports, hygiene, physical and emotional ailments and to share the data entered in the application with the doctor them, if they choose to do so. Doctors will view the information uploaded and shared by the users of the application, in order to provide advice and medical guidance to allow the user to better manage his symptoms and health condition. The application only provides information from users and it remains for doctors to use their professional reasoning to provide relevant advice.
The EGO application offers you an anonymous account type. All new user application accounts are by default Anonymous accounts.
Only if you choose to share the data from the diary with the doctors, they will know who is the person who recorded the data and they will become de-anonymized and can be processed by them, they being responsible for data processing and manipulation according to GDRP
For anonymous Accounts, EGO – Deniplant tries to operate based on the fact that it does not process your personal data. To do this, we request that your account be registered with an anonymous username, unique to EGO – Deniplant, which will not identify you personally. In addition, personal identification data must not be entered in the application for users. Both conditions are implemented to protect your privacy.
Any data you enter in the EGO app is stored securely in your account and is only accessible when you log into your account using your username and password. Optionally, you can also share or revoke access at your dates with your doctors at any time.
Important information and who we are The operator of anonymized data is Giurgiu V. Gheorghe PFA registered in Romania under the number F23/225/13.03.2013 CUI 31352864 with its registered office in Romania Ilfov county, Oras Voluntari, Str. Stefan the Great, no. 6
It does not include data for which your identity has been removed (‘Anonymized Data’).
The term ‘personally identifiable health information’ refers to personal data that is classified either as health data from special categories in accordance with the Romanian GDPR, or as personal health information in accordance with HIPAA.
In the sense of the applicable Data Protection Law, EGO – Deniplant operates and processes anonymized personal data.
The operation of our platform and services
When the user application is used with an anonymous account, the information you upload will not be considered personal data as long as you upload your information using a username that does not allow you to be identified and do not provide other personal information that to identify you. Your anonymized personal information is stored on the servers of our provider in Romania.
If you request that your information be shared with doctors or other health professionals, your information will be shared securely from servers in Romania
Only those doctors with whom you have chosen to share your data from the diary will be able to see your de-anonymized information. If you choose to share your information with your doctor, you must agree with your doctor that he can process your data with personal and will be considered a data controller for the information then in their possession in accordance with the Romanian GDPR or as a Covered Entity or business associate under HIPAA, as the case may be. You must be satisfied that your doctor will legally hold and process your personal data in a manner acceptable to you.
We cannot control their use once you share your data.
We may also invite you to join our email list for marketing purposes. Any personal information collected for marketing purposes will not be linked to EGO application accounts.
When you download and use our Services, we automatically collect information about the type of device you are using, operating system, resolution, application version, language, time zone and IP address. We use Google Adsense to serve ads that collect mobile device identifiers (such as your device ID, advertising ID).
We automatically collect information about your activity through our Services, such as the date and time you used a service, the functions you used, the history of in-app purchases, subscriptions, interaction with advertisements and data generated when you use our Services.
Location and other information
We may collect, with your consent, other information, such as precise geographic location (latitude and longitude) using information including GPS, Bluetooth or Wi-Fi connections.
Information we obtain from third parties
We may receive information about you from our third-party service provider (mainly Google Analytics), which collects this information through our Services in accordance with their own privacy policies.
Health data and data of special categories
The information you provide when using our Services may include health-related information, such as details about symptoms, medications, dietary information, personal notes or any other information uploaded to the Platform. all these data are anonymized as long as we did not know your name
We use Google Analytics. The information generated by the Google Analytics cookie (including your IP address) will be transmitted and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our websites and/or our services, preparing activity reports and providing other services related to activity and internet use.
Also, Google can transfer this information to third parties, if this is required by law or if third parties process the information on behalf of Google.
Children under fourteen
We do not knowingly collect personally identifiable information or Personal Data from children under the age of fourteen. We require age confirmation when using the application and if you are under fourteen years of age, you should not use our application without involving a parent or guardian. If you are a parent or guardian and wish to use the application for a person under the age of fourteen, you can do so in accordance with the Terms and Conditions of our platform and services, we rely on your consent to comply with the terms and this policy.
To provide and maintain our Services, including to register you as a new user, to recognize you when you return to our applications and to carry out essential business operations, our legal basis for processing is the execution of a contract with you that you have signed with us when you download our Services and accept our End User License Agreement.
In order to administer and protect our Services (including troubleshooting, data analysis, testing, assistance, fraud, reporting and data hosting), our legal basis for processing is our legitimate interests in conducting our business, providing administration and services.
. We may also contact you through surveys to conduct research about your opinion of our Platform and Services.
Healthcare providers or researchers (generally, they would receive anonymized aggregated data for medical research purposes, which is not personal data, but if pseudo-anonymized, may revert to personal data); and
Third-party analytics partners to analyze website traffic and understand customer needs and trends or with our third-party marketing service providers to help us communicate.
We can use Google Adsense, which offers ads in our mobile and web applications:
Google’s use of advertising cookies allows it and its partners to serve ads to your users based on their visits to your sites and/or other sites on the Internet.
Users can opt out of personalized advertising by visiting Ads Settings (https://www.google.com/settings/ads).
Note: We do not disclose any personal information to advertisers, and we ourselves do not sell personal data to advertisers.
For corporate transactions
We may transfer your anonymized data if we are involved, in whole or in part, in a merger, sale, acquisition, assignment, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control.
When required by law
We may also share Personal Data if we have an obligation to disclose or share your Personal Data to comply with any legal obligation or to protect the rights, property or safety of our business, our customers or others .
To enforce legal rights
We may also share Personal Data: 1. If disclosure would mitigate our liability in an actual or threatened lawsuit; 2. if necessary to protect our legal rights and the legal rights of our users, business partners or other interested parties; 3. to implement our agreements with you; and 4. to investigate, prevent or take other measures regarding illegal activities, suspected fraud or other wrongdoing.
Cross-border data transfers
We have implemented appropriate security measures to prevent the loss, use or accidental access of your anonymized data in an unauthorized way, modified or disclosed.
Your passwords are stored in the EGO – Deniplant database in encrypted form. We do not disclose your account details or email addresses to anyone, unless we are legally required to do so. However, it is your responsibility to keep your password safe.
For Anonymous Accounts, you must make sure that the username you create to upload your data in the EGO application does not allow personal identification of your data and is not used in other applications or programs. If you request that your information be shared with doctors or other health professionals, your information will be shared securely from the servers in Romania to the Consultations application.
Wherever data is stored, whether on a mobile device or on our servers, it is encrypted to protect your privacy.
All data is encrypted in transit between the mobile application or web browsers and our servers and internally between our servers.
The information between the browser/application and the Platform is transferred in encrypted form using Secure Socket Layer (SSL). When transmitting sensitive information, you must always make sure that your browser can validate the Platform’s certificate.
We will retain and use your anonymized data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), to resolve disputes and to our legal agreements and policies apply.
We will keep your anonymized data for at least six years from the date of the last interaction for insurance and liability purposes. If you stop using our Services, you will be able to re-register and access your Personal Data within six years.
Keeping your anonymized data will be reviewed regularly and at least once every six years for relevance.
If we have taken steps to anonymize your personal data (so that it can no longer be associated with you), we may use it indefinitely for analytical, research and statistical purposes and to help us we improve products and services.
Your right to withdraw your consent at any time
Your right to access the anonymized data we hold about you
You have the right to make a request for access to your anonymized Data collected through our Platform and Services (known as a ‘Data Subject Access Request’ or ‘SAR’).
We aim to respond electronically to all SARs within one month. In circumstances where it may take us more than a month to respond (for example, if your request is particularly complex or if you have made a series of requests), we will let you know. We do not charge a fee for responding to a SAR. However, we may charge a reasonable fee if your SAR is found to be unfounded or excessive.
Please try to resolve any issue with us first, although you have the right to lodge a complaint with the Office of the Data Protection Commissioner at any time regarding our processing of your personal information.