app-logo
AboutEpilepsyMigraineBook a demo

Knowlepsy Data Privacy Policy

Introduction

This data protection policy for our website http://www.knowlepsy.com and Knowlepsy Health Care Platform www.knowrology.app as well as our KnowRisk Mobile Application on Android and IOS aims to inform their users and of the online services offered of their rights and obligations regarding the collection of their data.

This data protection policy also answers the legitimate questions that users of our services may have during the use of the Site.

In this context, this policy aims to provide clear, complete, and truthful information about the means and methods used by the KNOWLEPSY Site or the APP to protect the data of its users and respect their rights.

To fulfill our obligations regarding the protection of your rights, while offering you the best services and a pleasant experience, we have chosen to publish and implement a true policy on the protection of personal data, summarized below.

So that you can benefit from our services in complete security and confidence, this document presents in a single document clear, simple, and sincere information concerning the processing of Personal Data carried out by KNOWLEPSY App, as part of its activity.

Indeed, as part of our activities, we are required to collect, process, and store a certain amount of Data concerning visitors to the Site, our clients and partners, as well as statistical data.

It is recalled that, in particular, the French Data Protection Act, as well as the European Regulation 2016/679 of April 27, 2016 (GDPR), which entered into application on May 25, 2018, provide a specific framework for the regulation and protection of Personal Data.

Indeed, as part of our activities, we are required to collect, process, and store a certain amount of Data concerning visitors to the Site, our clients and partners, as well as statistical data.

At Knowlepsy, your privacy is our priority. We are committed to safeguarding the privacy and security of all personal and health-related data processed through our services. This Data Privacy Policy outlines our practices for collecting, using, and protecting information,

1. Scope of the Policy

This policy applies to all users of Knowlepsy’s services, including individuals, healthcare providers, and business associates. It governs data collected through our mobile application, B2B platform, and wearable devices, as well as data hosted on Microsoft Azure.

2. Lawfulness of the Processing conducted by Knowlepsy

When Knowlepsy processes Personal Data for its legitimate interest, Knowlepsy shall consider the Subject’s fundamental rights and interest to assess if the legitimate interests pursued by Knowlepsy do not create an imbalance with the Subject’s fundamental rights and interest.


Knowlepsy may process Personal Data for one or more specific purposes for which the Data Subject concerned will have clearly expressed its consent for the processing of its Personal Data for these purposes.

3. Roles & Responsibilities

Data Controller(s): Payers such as Hospitals, Pharmaceutical companies and Insurance companies.


Data Processor(s): Knowlepsy.


Data Recipient(s): Individuals or legal entities who receive Personal Health Data from Knowlepsy. Data Recipients may therefore also be employees of Knowlepsy or of external entities (e.g. partners such as healthcare organizations or healthcare professionals, suppliers, services providers, clients, etc.).


Data Subject(s): Patients using the Knowlepsy App.

4. Data Collection Practices

4.1 The present Personal Data Policy is applicable for data processed, collected and used on our Platform (For data processed, collected and used through the Knowlepsy Digital and wearable device please check the applicable Policy following this).


4.2 Personal data is collected in accordance with the current regulations:


The Data is collected only for explicit, legitimate reasons, and in compliance with the current applicable regulations


  • The collected data is necessary for the requested service(s).
  • Personal data is retained only for the time necessary for the processing of the service; beyond that, it will be deleted or anonymized.
  • Personal data is processed transparently, and you have access, insight, and modification rights over
  • Personal data is processed in a manner that guarantees an adequate level of security. Therefore, appropriate technical or organizational measures are implemented online.

4.3. Collection of Personal Data


4.3.1 The information and data of our clients are necessary for the processing and management of orders.


4.3.2 We collect the information you provide to us when:


  • You create your user account on our Mobile Application or Web Platform
  • You place an order or a pre order on our website.
  • You make a purchase
  • You subscribe to our newsletter
  • You browse our website / Platform
  • You contact our customer support or hotline

4.3.3 The types of personal data we may collect include:


  • Name, address, and contact information (e.g., email address, phone number)
  • Account credentials (e.g., username, password; order history)
  • Payment information (e.g., credit card details)
  • Health Data: Temperature, heart rate, HRV, Steps, Motion, Oxygen rate in the blood, Sleep data. All these physiological metrics are collected through wearable devices.
  • Behavioral Data: Life quality information as well as interactions with our application and customer support, whether written or audio, to improve service delivery and predictive analytics.
  • Environmental Data: Weather and geolocation
  • Demographic information (e.g., age, gender)
  • Website usage information (e.g., IP address, cookies, browsing data)

4.3.4 The mandatory or optional nature of the data is indicated to you during the collection by an asterisk (*). Some data is collected automatically based on your actions on the website https://www.knowlepsy.com/ or on the App.


5. Data Processing Pipeline

Our end-to-end data pipeline ensures secure and efficient data handling, including:

  • Data Collection: Data is collected from wearable devices via Bluetooth and transmitted to the cloud through a mobile app.
  • Event Ingestion: Azure API Management and Event Hub manage secure data flows.
  • Event Processing: Real-time analytics are performed using Azure Stream Analytics.
  • Data Storage: Raw and processed data are stored in Azure Data Lake and Cosmos DB and Azure SQL Database.
  • Data Transformation: Data is prepared for analysis using Azure Data Factory.
  • Data Storage & Access: Transformed data resides in an Azure SQL Database for efficient querying and retrieval.
  • Data Consumption: Our mobile app and B2B platform provide real-time insights and analytics for healthcare providers and users.

6. Data Use

We use the data collected to:


  • Provide actionable insights for hospitals, insurance companies, pharmaceutical companies, and patients to enhance health outcomes and decision-making processes.
  • Enable healthcare providers to have a more comprehensive view of patient’s health.
  • Conduct research to improve healthcare outcomes and train our AI Models.

7. Data Security

Knowlepsy has implemented technical and organizational measures to protect the integrity and confidentiality of Data Subjects’ Personal Data. These measures consider the state of the art, the costs of implementation and the nature, scope, context, and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of the Data Subjects.

Knowlepsy leverages Microsoft Azure’s HIPAA-compliant infrastructure to ensure robust data protection. Azure’s safeguards include:


  • Physical Security: State-of-the-art facilities protect hardware and data.
  • Technical Safeguards: Encryption, Security audits, access controls, and breach notification mechanisms.
  • Administrative Safeguards: Policies and training to uphold HIPAA compliance.

Microsoft Azure also provides a Business Associate Agreement (BAA), ensuring compliance with HIPAA’s Security Rule.

8. Data Sharing

We do not sell or share personal data with third parties for marketing purposes. Data may be shared with authorized partners and healthcare providers solely for:


  • Improving patient care.
  • Conducting approved clinical research.

Data subjects are informed of data sharing requests via invitations received on the mobile application. Their data is only shared once data subjects explicitly give consent by accepting the invitation.

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws and GDPR regulations.


We retain data for as long as five years to fulfill Medical Data Retention obligations.

10. Data subjects’ Rights

As Data Subjects and in accordance with applicable data protection laws, Individuals are entitled to exercise the following rights:


  • Access and visualize their data.
  • Request corrections to their data via the Knowlepsy Application.
  • Share their data with the health provider (Data Controller).
  • Opt-out of data sharing.

To exercise your rights, contact your health care provider or send us your query at privacy@knowlepsy.com.

11. Children’s Privacy

If personal data from children is collected, it will comply with COPPA and GDPR requirements. Parental consent is required for data processing for users under the age of 18.

12. International Data Transfers

If as part of the processing activities described above, Knowlepsy needs to transfer Personal Data from Data Subjects established in the European Economic Area (“EEA”) to recipient(s) located outside of the European Economic Area, such as servers, Knowlepsy will ensure that adequate and appropriate safeguards are implemented as required by the GDPR (e.g. ensuring an adequacy decisions from the European Commission is in force in accordance with Article 45 of the GDPR, or binding legal act or European Commission Standard Contractual Clauses have been signed with the recipient where applicable). Data collected in the United States will remain stored in US servers.

13. Updates to the Policy

13.1 Your Rights


You have the right to at any time to:


  • Access and receive a copy of your personal data
  • Rectify any inaccurate or incomplete personal data
  • Delete your personal data, subject to legal requirements
  • Delete your account
  • Object to the processing of your personal data for direct marketing purposes
  • Restrict or limit the processing of your personal data under certain circumstances
  • Withdraw your consent, where applicable

13.2 regular Updates


We may update this policy periodically. Significant changes will be communicated via our website and services.


14. Express consent

BY USING OUR PRODUCTS AND SERVICES THROUGH THE WEBSITE WWW.KNOWLEPSY.COM AND OUR PLATFORM WWW.KNOWROLOGY.APP AND PROVIDING FREELY AND INTENTIONALLY YOUR PERSONAL DATA, YOU CONSENT TO THE COLLECTION, USE, AND PROCESSING OF YOUR PERSONAL DATA AS DESCRIBED IN THIS PERSONAL DATA POLICY.


Opt-Out Options: Available for marketing communications and certain non-essential processing activities.


To withdraw consent from sharing your data, please contact your health care provider or Knowlepsy at privacy@knowlepsy.com


15. Data Breach Notification

In the event of a data breach:


  • Users will be notified within 72 hours via email or in-app alerts.
  • Notifications will include details of the breach, potential impacts, and mitigation steps.

16. Contact Us

  • Email: support@knowlepsy.com
  • Privacy Officer: privacy@knowlepsy.com
  • Physical Address: Knowlepsy, 96 rue Paradis, 13006 Marseille, France

Appendix: Microsoft Azure Compliance

Azure’s compliance framework includes:


  • Alignment with HIPAA requirements.
  • Provision of a HIPAA BAA to covered entities and business associates.
  • Adherence to the HIPAA Security Rule through contractual assurances, breach reporting, and access controls.

For more details, visit Microsoft’s Azure Compliance Documentation.