Date of last revision: 23/11/2020
LynxCare helps hospitals to process medical data – including personal data - in their custody, so the hospital, their doctors and other healthcare professionals can improve care, improve patient outcomes and participate in research.
On behalf of these hospitals, LynxCare processes the (health) personal data. In these cases, LynxCare will always act as "processor". LynxCare itself is not a controller in the processing of these personal data, because it only processes the personal data on behalf of the hospital, according to the order statement of the hospital. The hospital will always act as the controller. The controller is at all times the party that determines what will happen with the data, LynxCare only works on behalf of this party. The goal of the data processing is either improving care for patients, quality control of healthcare delivery and/or research. The hospital, as a controller, is responsible to inform patients about the data processing and/or gather required consents.
LynxCare takes its responsibilities as processor of (medical) data very seriously. That is why an additional GDPR note has been added to the contract for each collaboration, in which the roles and responsibilities are extensively documented.
If you would like more information about this prior to a collaboration, you can always request this documentation via the form below.
It is of course important that all processed personal data is very well secured. This is an absolute priority for LynxCare. That is why LynxCare has implemented the following standards within the organization:
Both standards have been implemented within the organization and LynxCare will soon be audited against these standards in order to obtain the certificate for them. The certificate is proof that a third party has verified the operation of the standard within the organization and that the ISMS meets all requirements.
Date of last revision: 23/11/2020
LynxCare is committed to protect your privacy and takes its responsibilities regarding your rights and the security of customer personal information very seriously.
LynxCare respects and protects your privacy. We appreciate the trust you place in our company. All your personal data is treated with the greatest care and confidentiality. We did appoint a DPO within LynxCare.
You can always contact this Privacy Officer to ask questions or exercise your rights by sending an e-mail using the form at the bottom of this page.
Note: Please note as stated above that LynxCare in a client relationship operates as a processor. In other words, for all tasks that LynxCare performs for hospitals, LynxCare is purely a processor.
This privacy notice applies to all data processing activities executed by LynxCare and all personal data collected by LynxCare on the LynxCare website. This concerns: customer data, details of prospects, applicants, subscribers to the newsletter, suppliers, and participants of events.
We will always process personal information based on a legal obligation, contract, or given consent.
LynxCare collects three types of personal data:
1. Identification information
2. Professional and employment data
LynxCare websites may provide links to third-party websites. LynxCare does not make any representations or warranties with respect to such third-party websites. You should be aware that the owners and operators of such third-party websites might collect, use or transfer Personal Data under different terms and conditions than LynxCare. Upon linking to a third-party website, you should inform yourself of the privacy policies of such third-party websites.
LynxCare protects the confidentiality, integrity and availability of your Personal Data. We use various technological and procedural security measures to protect your Personal Data from loss, misuse, alteration or destruction.
As mentioned above, LynxCare takes the security of personal data very seriously. The management system discussed above applies to the entire organization, for both the data LynxCare is processor for and Controller for. For more information see 1.2 Security.
We do not process your Personal Data any longer than is necessary for the purposes outlined in this Policy. We keep your data as long as you’re an active contact (customer, lead,…) and actively delete your data three years after once you become an inactive contact, met except for data for which statutory retention periods have been set.
We only transfer data towards the following categories of processors and third parties:
All personal data is stored within de EEA.
If and to the extent provided under applicable Belgian and European law, you shall have the right:
To exercise one of these rights, send an email using the form below. Please note that there will always be a check to prove your identity.
Additionally, you shall have the right to lodge a complaint with the authorized supervisory if the processing of your Personal Data infringes applicable law. Contact details of the Belgian Data Protection Authority are:
GBA –Drukpersstraat 35, 1000 Brussel
We reserve the right to modify this Policy at any time. This Notice is effective as of September 2020 (the “Effective Date”).
Notification of important updates will be sent to you by mail.
We have a team of MDs, data scientists and software engineers ready to let data drive your outcomes.