At Tandem Health AB ("Tandem" or "We"), we prioritize your privacy and are committed to safeguarding your personal data. This Privacy Policy aims to inform you, as a user or prospective client, about how we collect, use, protect, and manage your personal data. Through this policy, we also explain your privacy rights and how the law protects you when you engage with our services.
Our Website Privacy Policy outlines how we handle your personal data when you visit our website. It is designed to provide clarity on how your information is managed and the measures we take to protect it. This policy, together with our terms of use, governs your use of our website at (https://www.tandemhealth.ai) (the "Website"). It sets out the basis on which any personal data collected from you, or provided by you, will be processed.
For ease of navigation, this Website Privacy Policy is presented in a layered format, allowing you to click through to specific sections for more detailed information. Please review this document carefully to understand our practices regarding your personal data and how we will handle it.
This policy relates to the processing of personal data where Tandem acts as a data controller. It does not cover the data processing activities we conduct as a data processor under the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, "GDPR"), which are addressed in a separate document.
Tandem Health AB is registered with the Swedish Companies Registration Office with org. no. 559444-6857 and has its head office at Kungsklippan 12, 112 25 Stockholm, Sweden. Tandem is the data controller in accordance with the GDPR for the personal data processing described in this information.
Our Privacy Policy is reviewed regularly and may be updated occasionally. If any changes occur, we will post the updated policy on this page and, where applicable, notify you by email or through the next time you log into the Website.
You may be required to read and accept the updated Privacy Policy before continuing to use our services. To ensure the data we hold about you remains accurate and up to date. Please notify us promptly of any changes to your personal information throughout your relationship with us.
From time to time, the Tandem Health website may include links to websites belonging to our partner networks and affiliates. Please be aware that these external websites, along with any services they provide, operate under their own privacy policies. We do not assume any responsibility or liability for their privacy practices or for any personal data collected through those websites or services. It is advisable to review their privacy policies before submitting personal information or utilizing their services
Depending on the level of your engagement with the Website, we may collect, use, store and transfer different kinds of personal data about you as follows.
• Identity Information: Includes your first and last name, username, or any similar identifier. This data point is provided by you when showing interest in our application through our Website. This is the information you would also provide to us when you apply for a job with us on our Website.
• Contact Information: Includes your email address, the details of your organization, when you are sending a request to be in contact with us via our webform or contact email. It also includes the content of your resume when applying for a job on the Website. This information is necessary for facilitating communication with you and ensuring compliance with regulatory and legal obligations regarding your privacy policy.
• Technical Information: We collect information regarding your usage of the website, such as, but not limited to, traffic patterns, communication data, and accessed resources. This data is collected to evaluate and enhance the Website's performance.
• Qualification and Professional Data: This includes: (a) your awarded qualifications, along with the relevant institutions, subjects, and grades; (b) your registration with any professional body or register, including renewal details; and (c) your employment history and any cover letter or personal statement submitted.
We may gather, utilize, and share Aggregated Data, including statistical or demographic information, for various purposes. Although this data might originate from your personal information, it is not classified as personal data under the law because it does not disclose your identity. For instance, we might use your Usage Data to calculate the proportion of users engaging with a particular feature on our website. However, if Aggregated Data is linked with your personal details in a way that could identify you, we will treat it as personal data and handle it according to this privacy policy.
Most of the personal information we handle will come directly from you, such as when you apply for a position with us through the Website. While providing this information is optional, without it, you may be unable to work with Tandem. Additionally, when you visit the Website, we automatically gather personal information like Technical Data and Usage Data through cookies and similar technologies. For further details, please refer to our cookie policy.
This cookies policy explains how Tandem Health uses cookies and other tracking technologies on the Website. It should be read in conjunction with our privacy policy, which details how we handle personal information.
• What are web cookies? Web cookies are small files placed on your computer or mobile device by a website when you visit. These files contain details of your browsing history and help distinguish you from other users. Cookies send data back to the website during future visits or allow other websites or apps to recognize the same cookie. They are valuable because they allow a website or app to recognize a user's device, remember preferences, and generally enhance the online experience. Like most websites, we also use cookies. Although we refer to the general term “cookie” in this policy, we also use the browser’s local storage and other tracking technologies on both the Website and the Platform for similar purposes. Therefore, the information provided in this cookie policy applies to all such tracking methods that we employ.
• Why do we use cookies?
o To enable functionality on the Website, cookies allow you to access secure areas of our solution, such as logging in.
o To collect anonymous statistics that help us gather usage data and patterns, enabling us to improve the Website's performance.
o To enhance your experience, cookies prevent you from having to re-enter information you've already provided and ensure you can easily find what you're looking for.
• What cookies do we use? The table below provides more information on the cookies and tracking technologies we utilize as well as their purposes.
• Cookie acceptance:
o By using the Website, you consent to our use of cookies, which may be updated over time. Specifically, you agree to cookies being stored on your computer or mobile device (unless rejected or disabled via your browser). You can manage your cookie preferences through your browser or the Website. The option to accept or reject cookies is typically found in your browser or device's options, settings, or preferences menu. If you access the Website from multiple devices or profiles, you will need to set your preferences again.
o We may collect de-identified information through cookies, including your browser type, operating system, and other websites you've visited. In some cases, personal information may be collected if a cookie is linked to your account. Cookies help track your website activity, remember preferences, and recognize you across devices and sessions, allowing us to maintain consistent functionality and improve your experience. You will be able to manage your cookie preferences through your browser settings, enabling you to accept or reject cookies or receive notifications when a cookie is sent. Disabling cookies may restrict access to certain website features. For more information, consult your browser’s help documentation. Additionally, we may use third-party analytics tools such as Google Analytics, Meta Pixel, Mixpanel, Segment, and other tools in the future to collect and analyze data about your website and platform usage. These tools provide insights into user behavior, helping us enhance our services
• Updating our cookies policy: We may occasionally revise our use of cookies, which could lead to updates to this policy. We recommend that you review this cookies policy regularly.
We will only use your personal data when the law allows us to do so. Most commonly we will use your personal data in the following cases:
• When you have provided prior consent: This involves handling your personal data after you’ve given explicit approval, typically through a clear opt-in or statement indicating agreement for a specific purpose. Your consent is valid only when it is freely given, specific, informed, and clearly expressed. You can revoke your consent at any time by reaching out to us.
• When it aligns with our legitimate interests: We may process your personal data where it's necessary for the legitimate interests of our business or a third party, provided those interests are not overridden by your own rights and fundamental freedoms. Our legitimate interest involves managing our operations efficiently to provide you with the highest quality service and a secure experience. Before we process your data under this basis, we carefully weigh the potential effects on you and your rights. We will not use your personal data in cases where your rights outweigh our interests unless we have your consent or are required by law. If you'd like more details on how we assess these interests, feel free to contact us.
• When we are obligated to comply with legal requirements: This includes processing your data when it is necessary for us to meet legal or regulatory obligations.
During our relationship, Tandem may process your personal data for the following purposes and on the following legal bases:
To apply for a job with us
- Identity
- Email contact
- LinkedIn
- Personal website or Portfolio
- Qualifications and Professional
Consent
Necessary for our legitimate interests (for running our business and assessing new job applications in connection with the provision of healthcare services and the management of healthcare systems and services).
To manage our relationship with you including responding to your queries and requests, notifying you of changes to the Website and/or our Terms of Service or this privacy policy
- Identity (optional)
- Contact (email)
Necessary to comply with legal obligations (to inform you of any changes to our terms and conditions)
To administer and protect our business and the Website, including troubleshooting, data analysis and system testing
- Identity (optional)
- Contact
- Technical
Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security)
To ensure that you are able to meet your regulatory obligations
- Identity (optional)
- Contact
Performance of a contract with you
To comply with a legal or regulatory obligation or expectations
Your personal data will be stored only for as long as necessary to fulfill the purposes for which it was collected. Once those purposes have been met, we will securely delete or anonymize your data, unless legal or regulatory obligations require us to retain it for a longer period. We retain your personal data as long as it is needed to provide you with the services for which it was collected, such as operating our Website. If you file a complaint or we anticipate potential litigation, we may retain your data for a longer period. Additionally, certain legal and regulatory requirements may compel us to hold on to your information for compliance purposes. You have the right to request the deletion of your data under certain circumstances.
Please refer to the "Your Rights" section (11) for more details. In some cases, we may anonymize your data, making it no longer personally identifiable. This anonymized data may be used for research or statistical purposes indefinitely, without further notice to you.
Within Tandem, only authorized personnel, based on their roles and responsibilities, may access personal data. This access is strictly limited to what is necessary for performing their duties. Your personal data may be shared with our data processors (such as technical service providers), but only when necessary for them to carry out their assigned tasks. These third-party companies are prohibited from sharing or using this information for any other purpose. Tandem has ensured that each contract with these companies includes measures to safeguard your data.
In some cases, your personal data may be shared with authorized third parties, such as public authorities legally permitted to request such information. We may need to share personal data with the following third parties:
• Service providers acting as processors, such as: Microsoft Azure (EU), which provides data hosting services in connection with the website and/or platform.
• Other suppliers who may provide services such as IT and system administration.
• Professional advisors, acting as processors or joint controllers, including lawyers, bankers, auditors, and insurers, who offer consultancy, legal, banking, insurance, and accounting services.
• Regulatory authorities, local governments, or other public agencies, acting as processors or joint controllers, who may require data for reporting purposes.
We only permit service providers to process your personal information if they take appropriate steps to protect it. We impose contractual obligations to ensure that these providers use your data solely to provide services to us and you, with no other purposes. Additionally, we may share information with law enforcement and regulatory agencies to comply with legal and regulatory requirements
We are committed to ensuring the confidentiality, integrity, availability and security of your personal data. In accordance with the GDPR, we endeavour to implement the appropriate technical and organisational measures to guarantee the level of security that is most appropriate to the risks incurred when processing personal data. We also take steps to prevent, as far as possible, any loss, accidental destruction, alteration or unauthorised access to your personal data.
Your personal data may be transferred to third countries located outside the European Union. In such cases, we systematically take all appropriate measures to verify and, if necessary, guarantee that the recipients of the data comply with an adequate level of protection equivalent to the European regulations, by signing standard contractual clauses adopted by the European Commission.
In accordance with the GDPR, you have the following rights regarding your personal data:
• Right to Information - You, as the data subject, have the right to receive information about how we process your personal data. We inform you through this policy and by answering your questions.
• Right to Access - You, as the data subject, have the right to receive confirmation from us if we process your personal data, access the personal data, and certain information about the processing itself (e.g., the purpose of the processing).
• Right to Rectification - You, as the data subject, have the right to have incorrect personal data about you corrected by us without undue delay, as well as the right to supplement incomplete data.
• Right to Erasure (Right to be forgotten)- You, as the data subject, have the right to have your personal data erased under certain circumstances. The right to erasure does not apply if the processing is necessary for exercising the right to freedom of expression and information, for compliance with a legal obligation that requires processing under Union or Member State law that we are subject to, or for the establishment, exercise, or defense of legal claims. The right to erasure may, depending on the basis for your request, also be limited if the data is still necessary for the purpose or if there are compelling legitimate grounds for the processing that override your right to erasure under Art 21.1 GDPR. However, the right to erasure always exists in the case of processing for direct marketing purposes upon objection under Art21.2 GDPR.
• Right to Restriction of Processing - You, as the data subject, have the right to require the restriction of processing of your personal data. The right to restriction of processing applies if you contest the accuracy of the data if the processing is unlawful, if the data is no longer needed for the purposes but you need them to establish, exercise, or defend legal claims. The right also applies while awaiting verification of which party's reasons outweigh if you have objected to processing in accordance with Article 21.1 GDPR.
• Right to Object - You, as the data subject, have the right to object to processing based on public interest, the exercise of official authority, or legitimate interest. In such a situation, the processing ceases unless there are compelling legitimate grounds that override your interests or if the purpose of the processing is to establish, exercise, or defend legal claims. Processing for direct marketing ceases if you object to such processing.
• Right to Data Portability - You, as the data subject, have the right, in certain cases, to receive the data you have provided us and have the data transferred to another data controller. The right exists when we process personal data automatically and based on your consent or on a contract.
• Rights in Relation to Automated Decision-Making - You, as the data subject, have the right not to be subject to automated decision-making that has legal effects or similarly significantly affects you. The right does not exist if it is necessary for the performance of a contract, is permitted by Union or Member State law that applies to us or is based on your consent.
• Right to Lodge a Complaint - You, as the data subject, have the right, according to Article 77 GDPR, to lodge a complaint with a supervisory authority if you believe that the processing is in violation of the regulation. You can find more information and complaint forms on the website of the National Data Protection Authorities.
As mentioned above, should you wish to exercise your rights over your personal data, please contact us:
• By e-mail, at dpo@tandemhealth.ai ;
• By post, to the following address: Tandem Health AB – Attn.: Data Protection Officer - Kungsklippan 12, 112 25 Stockholm, Sweden.
• By contacting the local regulatory authorities (e.g CNIL, ICO, AEPD...), but we would appreciate dealing with your concern before approaching any regulator, please contact us in the first instance.
Tandem Health continually works to improve our services. Therefore, we may update this information. When we make changes to the policy, we will publish the updated version on our website and indicate the date of the latest update. For updates of significant importance to the processing of your personal data, we provide information about this through email or a notice on our website in accordance with applicable legislation. Please visit this page regularly to stay informed about how we process your personal data.
The information was last updated on September 1st, 2024.