We are committed to protecting the privacy and security of Your PI and PGG. We are committed to fulfilling our obligations under European data privacy law, including the General Data Protection Regulation 2018, Article 16 TFEU (AVG). The principles set forth below govern how we collect, use, store and disclose PI or PGG obtained in the development, sale, promotion and distribution of our services.
We identify the purposes for which we use Your PI or PGG at the time we collect such information from You and, in any case, request Your consent prior to such use. We generally use Your PI and PGG for the following purposes (the "Purposes"):
to provide you with ongoing medical care and therapy;
to give you access to digital tools and services;
to track your use of Field Trip services;
to facilitate communication with external service providers with whom we have a contractual relationship, such as doctors, nurses, therapists, psychologists, psychiatrists and pharmacists;
To advise you of new programs and services that may be of interest to you;
to respond to your questions, complaints or requests;
to gather opinions and comments regarding Field Trip's activities;
to investigate legal claims;
such purposes for which Field Trip may be authorised from time to time; and
any other use permitted or required by applicable law.
Generally, we will obtain Your consent before collecting or in any event using Your PI or PGG for any purpose. You may give us your consent orally, electronically or in writing. The form of consent we seek, including whether it is express or implied, depends largely on the sensitivity of the PI or PGG and the reasonable expectations you might have in those circumstances. In limited circumstances, we may rely on a third party to obtain Your consent to share Your PI or PGG with us. You may withdraw Your consent by notifying us. You may expressly indicate that Your personal health information may not be used or disclosed for health purposes without Your consent. Notwithstanding the above, we may share anonymized data to contribute to improvements, research and general knowledge about treatments and therapy programs; in such situations, Field Trip Health Inc. will take reasonable steps to remove personally identifiable information before such results are shared externally.
We always collect Your PI and PGG in a fair and lawful manner. We may collect PI or PGG directly from You and/or from third parties, where we (and/or those third parties) have obtained Your consent, or as otherwise required or permitted by law.
The information we request from you will only be used for the purposes described above; we will seek your consent for other purposes.
We will use, disclose or retain Your PI and PGG for as long as necessary to achieve the Purposes described above and as permitted or required by law.
Generally, we will only disclose PI or PGG to such persons for whom you have given your consent. Notwithstanding the foregoing:
We may transfer Your PI or PGG to third party service providers with whom we have a contractual agreement that includes appropriate privacy standards, when such third parties assist us with the Purposes - such as physicians, nurses, therapists, psychologists, psychiatrists, pharmacists and service providers providing technology or communication services, data storage and processing, cloud-based software or other similar services.
We may also disclose PI or PGG to a prospective acquirer in connection with a transaction involving the sale of part or all of Field Trip (in which case use of Your information by the new entity would be limited by applicable law), or as otherwise permitted or required by law.
We may send PI or PGG abroad for the Purposes, including for processing and storage by service providers in connection with such Purposes. Please note, however, that to the extent a PI or PGG is out of the country, it is subject to the laws of the country in which it is held, and may be disclosed to the governments, courts or law enforcement or regulatory authorities of such other country, in accordance with the laws of that country.
We try to ensure that all decisions relating to your information are based on accurate and timely information. While we will do our best to base our decisions on accurate information, we trust that you will release all material information and notify us of any relevant changes.
We have implemented physical, organisational, contractual and technological security measures to protect Your PI and PGG against loss or theft, unauthorised access, disclosure, copying, use or modification. The only employees who are given access to Your PI and PGG are those on a need-to-know basis and/or whose duties reasonably require such information.
Information about our policies and practices regarding the management of personal health information / individual PI and PGG is available to the public on our external website and from the Privacy Officer.
If You make a written request to access Your PII or PGG collected, used or disclosed to date, we will provide You with such PII or PGG to the extent required by law. We will make such PI or PGG available to You in a form that is generally understandable, and we will explain any abbreviations or codes.
We will endeavour to respond to all Your written requests within 30 days of receipt. We will notify you in writing if we are unable to respond to your requests within this period. You have the right to make a complaint to the Personal Data Authority (AP) within this period; https://autoriteitpersoonsgegevens.nl/
According to the law, we have to keep your data for 20 years. Or longer if that's necessary for proper assistance. The period of retention starts when your treatment or counselling with us is completed. For records of minors, this period starts when the patient reaches the age of majority (18 years).
Do you think that data is factually incorrect in your file? Then you can ask the practitioner to correct it. You can also have your statement included in the file. Does your practitioner disagree with you?
You have the right to have (parts of) your file destroyed before the end of the legal retention period. Before we destroy the file, we will ask you to sign a statement. This will show that you have taken the decision to destroy the file voluntarily and consciously and that you are aware of all the consequences. One consequence, for example, is that the treatment cannot continue if there is no file.
You have the right to take PI with you and transfer it to another (care) provider. This right does not apply to the entire medical file. The PI that you have actively and consciously provided yourself can be taken with you and transferred to another (healthcare) provider. The same applies to the data that you have provided indirectly. Think, for example, of the data from a blood pressure monitor. Other data such as: decisions, the disease that has been diagnosed, suspicions or treatment plans that your doctor draws up, do not fall under the right to 'transferability'.
 "Personal Information (PI)" - "recorded information about an identifiable individual." Examples include: home address, phone, email address; gender, age, marital status, health information, religion; number of employees, employment history; opinions, financial data, and personal health information.
 "personal health data (PGG)" - Information about an individual, living or deceased and in oral or recorded form. It is information that can identify an individual and relates to such things as the individual's physical or mental health, the provision of health care to the individual, payments or eligibility for health care related to the individual, the donation by the individual of a body part or body substance, and the individual's health number. PGG may be information about a physician or other health care provider, a hospital employee, a patient, or a patient's family member. Examples of PGG include a name, medical record number, health insurance number, address, phone number, and PGG related to a patient's care, such as blood type, X-rays, consultation notes, etc.