Privacy Policy of SpineWise BV
Welcome to SpineWise BV, a leader in ergonomic assessment and improvement through advanced measurement devices and services. This Privacy Policy outlines our commitment to protecting the privacy and security of personal data we collect from employees of our client organizations.
Scope and Consent
This policy applies to personal data collected through our measurement devices and services, aggregated on an online dashboard for client stakeholders. Participation by employees in these measurements is voluntary and based on informed consent. The consent form provides detailed information on what is measured, the purposes and goals of data collection, data subject rights, data retention policies, and secures explicit consent for processing personal data.
Data Protection Officer
Nicolas Cattoir has been designated as our Data Protection Officer (DPO). For any questions regarding your data privacy and security, Nicolas can be reached at nicolas@spinewise.be.
Data Collection and Processing
What We Collect: Personal data necessary for ergonomic assessments, including but not limited to, movement and orientation data, and historical musculoskeletal information. The can also contain demographic data like age, sex, height and weight.
Why We Collect It: To identify, assess, and mitigate ergonomic risks and hazards in the workplace. To improve workplace health and safety based on empirical data.
How We Use Your Data: Data is individually extracted and processed to identify ergonomic risks, providing personal insights to the individuals from whom the data was collected. Additionally, data is aggregated to identify trends among groups of users, activities, or periods of time, aiding in the improvement of workplace ergonomics and the health and safety of individuals.
Data Protection Impact Assessment (DPIA)
We conduct DPIAs for processing that is likely to pose a high risk to the rights and freedoms of natural persons, especially when involving new technologies. This is part of our commitment to data protection by design and by default.
Cross-Border Data Transfers
We do not transfer personal data across borders. All data processing activities are conducted within the jurisdiction they are collected, in full compliance with local data protection laws.
Cookies and Tracking Technologies
Our services do not employ cookies or any tracking technologies, underscoring our commitment to privacy and data protection.
Legal Basis for Processing
The legal bases for processing personal data are the explicit consent from participating employees and the legitimate interests pursued by our client companies to ensure a safe and healthy work environment.
Data Subject Rights
Participants have the right to access their personal data, request correction or deletion, restrict or object to processing, and enjoy data portability. They can also withdraw consent at any time.
Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in the consent form, in accordance with our data retention policy and applicable laws.
Security Measures
We implement stringent security measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures are continually reviewed and updated.
Changes to Our Privacy Policy
We reserve the right to update this privacy policy at any time. Changes will be notified to users via a pop-up notification on our website upon user login. We encourage you to review this policy periodically.
Contact Us
For more information about our privacy practices, to exercise your data subject rights, or if you have any questions, please contact our DPO, Nicolas Cattoir, at nicolas@spinewise.be.