{"id":18526,"date":"2025-08-18T12:36:31","date_gmt":"2025-08-18T10:36:31","guid":{"rendered":"https:\/\/www.glucotab.at\/?page_id=18526"},"modified":"2025-08-18T12:36:32","modified_gmt":"2025-08-18T10:36:32","slug":"glucotab-exemplary-privacy-policy","status":"publish","type":"page","link":"https:\/\/www.glucotab.at\/en\/glucotab-exemplary-privacy-policy\/","title":{"rendered":"GlucoTab &#8211; Exemplary privacy policy"},"content":{"rendered":"<p>This is a sample privacy policy for the medical device software \u201c<strong>GlucoTab\u201d <\/strong>operated for<br \/><mark style=\"background-color:#fcb900\" class=\"has-inline-color\">&lt;a customer or a project in one or more countries><\/mark>.<\/p>\n<p>Last update on 12.06.2025<\/p>\n<h1 class=\"wp-block-heading\">1 Contact information<\/h1>\n<p>Controller within the meaning of data protection law:<\/p>\n<figure class=\"wp-block-table\">\n<table>\n<tbody>\n<tr>\n<td><mark style=\"background-color:#7bdcb5\" class=\"has-inline-color\"><strong>Note<\/strong>: If the GlucoTab software is operated by a healthcare organization or region, the controller may change, as well as the contact details referenced below.<\/mark><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n<p><mark style=\"background-color:#fcb900\" class=\"has-inline-color\">decide Clinical Software GmbH<br \/>Waagner-Biro-Strasse 47\/1<br \/>8020 Graz<br \/>Austria<br \/><a href=\"mailto:office@decide-clinical.com\">office@decide-clinical.com<\/a><\/mark><\/p>\n<p>As GlucoTab is made available via Internet only for pilot operation, no data protection officer has been appointed.<\/p>\n<h1 class=\"wp-block-heading\">2 Purpose and scope of application<\/h1>\n<p>This privacy policy is intended to inform users and their clients about the type, scope and purpose of the collection and use of personal data by the responsible provider. The privacy policy applies to the GlucoTab system made available via Internet for the nursing care setting and for pilot operation at the hospital.<\/p>\n<p>GlucoTab is used exclusively by healthcare professionals (nurses or physicians) to support diabetes therapy.<\/p>\n<p>In mobile care, GlucoTab is made available to care facilities, whose employees then use the system on mobile devices at the client&#8217;s home and in the facility&#8217;s offices.<\/p>\n<h1 class=\"wp-block-heading\">3 Collection of general information<\/h1>\n<p>Each time GlucoTab is used, a connection is established with the GlucoTab server. In this process, This involves the automatic collection of information.<\/p>\n<p>The<\/p>\n<ul class=\"wp-block-list\">\n<li>IP address and<\/li>\n<li>Information on the device used<\/li>\n<\/ul>\n<p>are recorded. Without this data, it would not be technically possible to use GlucoTab in some cases. In this respect, the collection of this data is absolutely necessary.<\/p>\n<p>We also use the anonymised information for statistical purposes. It helps us to optimise the system and technology. We also reserve the right to check the log files retrospectively if we suspect illegal use of our systems. The legal basis for the temporary storage of the data or the log files is Art. 6 para. 1 lit. f GDPR, whereby the legitimate interest follows from the aforementioned purposes.<\/p>\n<p>The data, in particular the log files, are deleted at regular intervals.<\/p>\n<h1 class=\"wp-block-heading\">4 Processing of clients&#8217; personal data during diabetes therapy with GlucoTab<\/h1>\n<h2 class=\"wp-block-heading\">4.1&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Start of therapy<\/h2>\n<p>At the start of therapy and at the start of each further activity with GlucoTab, the client master data is updated from the healthcare facility&#8217;s administration system or care documentation system when a client is selected.<\/p>\n<p>These data are:<\/p>\n<ul class=\"wp-block-list\">\n<li>Client ID<\/li>\n<li>First name<\/li>\n<li>Surname<\/li>\n<li>Date of birth<\/li>\n<li>Assignment to organisational unit of the healthcare facility<\/li>\n<\/ul>\n<p>optional:<\/p>\n<ul class=\"wp-block-list\">\n<li>Address<\/li>\n<li>Treating general practitioner<\/li>\n<li>Unique identifier of the treating general practitioner<\/li>\n<li>Current weight + date<\/li>\n<li>Most recent HbA1c value + date<\/li>\n<li>Oral antidiabetic agents ordered (medication name, code, dose)<\/li>\n<\/ul>\n<h2 class=\"wp-block-heading\">4.2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Ongoing therapy<\/h2>\n<p>Algorithms for basal-bolus insulin therapy (mostly used in hospitals) as well as for basal insulin therapy (which allows different therapy intensities for geriatric patients depending on their health status and is therefore recommended in the nursing care setting) are available for diabetes patients. The system regularly makes suggestions for adjusting the planned insulin dose and blood glucose measurement frequency and calculates the current dose to be administered for each insulin administration, taking into account the meal, blood glucose value and previous insulin administrations.<\/p>\n<p>The processed data can be categorised as follows:<\/p>\n<ul class=\"wp-block-list\">\n<li>Measured values, meals (blood glucose, HbA1c, meal yes\/no)<\/li>\n<li>Therapy order (which drug is to be administered in which dosage and how)<\/li>\n<li>Performer of therapy, insulin administration (insulin doses administered, dose adjustments if necessary, completed control measurements)<\/li>\n<li>Free text comments (comments on certain values or activities, concerns for coordination with the general practitioner)<\/li>\n<\/ul>\n<p>The legal basis for processing the data or health data is your (the patient\u2019s) express consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR and Art. 9 para. 2 s. 1 lit. a GDPR. You can withdraw their consent to processing at any time without giving reasons. Withdrawal of consent will result in blocking the processing and erasing your data after 30 days. Within this period, you can give your consent again and continue to use the software without any loss of information. At your explicit request, you can also keep your account from being deleted after more than 30 days.<\/p>\n<h1 class=\"wp-block-heading\">5 Processing of personal data of GlucoTab users (healthcare professionals)<\/h1>\n<h2 class=\"wp-block-heading\">5.1&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Start the application \/ Login<\/h2>\n<p>When starting the application or logging in, information about the user is transferred from a system operated by the healthcare facility to the GlucoTab system and stored there.<\/p>\n<p>In particular, these are:<\/p>\n<ul class=\"wp-block-list\">\n<li>User name<\/li>\n<li>First name, surname (optional title)<\/li>\n<li>optional contact information: e-mail, telephone number<\/li>\n<li>Role<\/li>\n<li>Organisational unit(s)<\/li>\n<\/ul>\n<h2 class=\"wp-block-heading\">5.2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Ongoing use in therapy and care<\/h2>\n<p>The system logs all activities carried out and assigns them to the user carrying them out. This means that it is always possible to trace who carried out or documented which activity and when.<\/p>\n<p>The legal basis for the processing of users&#8217; data is a declaration of consent by the users to the care facility where they are employed for the processing of this personal data.<\/p>\n<h1 class=\"wp-block-heading\">6 Use of anonymised data to improve the GlucoTab system<\/h1>\n<p>The GlucoTab health application is based on scientifically evaluated therapy regimens recommended by clinical guidelines. In order to ensure continuous improvement of the dose suggestions and therapy support provided by GlucoTab, decide Clinical Software GmbH reserves the right to anonymise and subsequently evaluate your data. This allows the safety and effectiveness of the system to be optimised. Anonymisation means that it is no longer possible to assign this data to a natural person.<\/p>\n<h1 class=\"wp-block-heading\">7 Data processing<\/h1>\n<p>The data collected are special categories of personal data, specifically health data, within the meaning of Art. 9 GDPR. Health data are all data that relate to the physical and mental health of a natural person. This data is stored on a server in Austria. The servers are not operated by us, but by a European provider who is certified according to ISO 27001. A data processing agreement and a list of technical and organisational measures are in place with this provider. Only our administrators, our support staff and GlucoTab users with authorisation depending on the care organisation and organisational unit have access to the data.<\/p>\n<p>decide Clinical Software GmbH processes both client data and user data on behalf of the respective care facility.<\/p>\n<h1 class=\"wp-block-heading\">8 Contact and support<\/h1>\n<p>If you contact decide Clinical Software GmbH by e-mail, the information you provide (in particular your e-mail address) will be stored in order to answer your enquiry and to be able to ask possible follow-up questions.<\/p>\n<p>In this case, your data will be processed on the basis of your (implied) consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.<\/p>\n<h1 class=\"wp-block-heading\">9 Cookies<\/h1>\n<p>The GlucoTab web application uses so-called cookies. These are text files that are stored on your device by the server. Only technically necessary cookies are used in GlucoTab to store information about the session in the software after logging in.<\/p>\n<h1 class=\"wp-block-heading\">10&nbsp;&nbsp;&nbsp;&nbsp; Your rights<\/h1>\n<h2 class=\"wp-block-heading\">10.1&nbsp;&nbsp;&nbsp;&nbsp; Revocation of consent<\/h2>\n<p>If we process your user data on the basis of your consent, you can withdraw your consent at any time without this affecting the lawfulness of the processing prior to the withdrawal. We will continue to provide our services insofar as they do not depend on the revoked consent.<\/p>\n<h2 class=\"wp-block-heading\">10.2&nbsp;&nbsp;&nbsp;&nbsp; Information, correction and restriction<\/h2>\n<p>All affected clients and users (healthcare professionals) have the right to request information about the processing of their personal data. To do so, please contact us at any time at <a href=\"mailto:support@decide-clinical.com\"><mark style=\"background-color:#fcb900\" class=\"has-inline-color\">support@decide-clinical.com<\/mark><\/a>.<\/p>\n<p>Your right to information includes information about the processing purposes, data and recipient categories, storage duration, any origin of your data and your rights in accordance with data protection regulations. You will find all of this information in this privacy policy and we will be happy to provide it to you in electronic format on request.<\/p>\n<p>If it turns out that a single piece of your personal data is incorrect, you can request that your data be corrected or completed at any time &#8211; most data can be corrected by users within the application. For the duration of any review of your concerns, you also have the right to restrict data processing.<\/p>\n<h2 class=\"wp-block-heading\">10.3&nbsp;&nbsp;&nbsp;&nbsp; Erasure (&#8220;right to be forgotten&#8221;)<\/h2>\n<p>All affected clients and users (healthcare professionals) have the right to request the deletion of their personal data. To do so, please contact us at any time at <a href=\"mailto:support@decide-clinical.com\"><mark style=\"background-color:#fcb900\" class=\"has-inline-color\">support@decide-clinical.com<\/mark><\/a>.<\/p>\n<h2 class=\"wp-block-heading\">10.4&nbsp;&nbsp;&nbsp;&nbsp; Data portability<\/h2>\n<p>Finally, all affected clients and users (healthcare professionals) have the right to request that we transfer an overview of their personal data to another controller, insofar as this is technically feasible.<\/p>\n<h2 class=\"wp-block-heading\">10.5&nbsp;&nbsp;&nbsp;&nbsp; Complaints<\/h2>\n<p>If you believe that we are not adequately protecting your data protection rights, please contact us at <a href=\"mailto:support@decide-clinical.com\"><mark style=\"background-color:#fcb900\" class=\"has-inline-color\">support@decide-clinical.com<\/mark><\/a> at any time. We will deal with your request immediately.<\/p>\n<p>Otherwise, all affected clients and users (healthcare professionals) have the right to lodge a complaint with the Austrian Data Protection Authority responsible for <mark style=\"background-color:#fcb900\" class=\"has-inline-color\">decide Clinical Software GmbH in 1080 Vienna, Wickenburggasse 8-10<\/mark>, if they are of the opinion that the processing of their personal data violates data protection regulations. In addition, the right to lodge a complaint may also be exercised with a supervisory authority in the EU Member State of your place of residence, your place of work or the place of an alleged infringement.<\/p>\n<h1 class=\"wp-block-heading\">11&nbsp;&nbsp;&nbsp;&nbsp; Changes to our privacy policy<\/h1>\n<p>In order to ensure that our privacy policy always complies with current legal requirements, decide Clinical Software GmbH reserves the right to make changes at any time. This also applies in the event that the privacy policy has to be adjusted due to new or revised services, for example new services.<\/p>\n<h1 class=\"wp-block-heading\">12&nbsp;&nbsp;&nbsp;&nbsp; Severability clause<\/h1>\n<p>Should single provisions of this privacy policy be or become invalid or unenforceable in whole or in part, this shall not affect the validity of the remaining provisions.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This is a sample privacy policy for the medical device software \u201cGlucoTab\u201d operated for&lt;a customer or a project in one or more countries>. Last update on 12.06.2025 1 Contact information Controller within the meaning of data protection law: Note: If the GlucoTab software is operated by a healthcare organization or region, the controller may change, [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"cybocfi_hide_featured_image":"","footnotes":""},"class_list":["post-18526","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.glucotab.at\/en\/wp-json\/wp\/v2\/pages\/18526","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.glucotab.at\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.glucotab.at\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.glucotab.at\/en\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.glucotab.at\/en\/wp-json\/wp\/v2\/comments?post=18526"}],"version-history":[{"count":1,"href":"https:\/\/www.glucotab.at\/en\/wp-json\/wp\/v2\/pages\/18526\/revisions"}],"predecessor-version":[{"id":18527,"href":"https:\/\/www.glucotab.at\/en\/wp-json\/wp\/v2\/pages\/18526\/revisions\/18527"}],"wp:attachment":[{"href":"https:\/\/www.glucotab.at\/en\/wp-json\/wp\/v2\/media?parent=18526"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}