Privacy policy

‍
1. Purpose of this website privacy policy
At Tandem Health AB ("Tandem" or "We"), we prioritize your privacy and are committed to safeguarding your personal data. This Privacy Policy aims to inform you, as a user or prospective client, about how we collect, use, protect, and manage your personal data. Through this policy, we also explain your privacy rights and how the law protects you when you engage with our services.Our Website Privacy Policy outlines how we handle your personal data when you visit our website. It is designed to provide clarity on how your information is managed and the measures we take to protect it. This policy, together with our terms of use, governs your use of our website at (https://www.tandemhealth.ai) (the "Website"). It sets out the basis on which any personal data collected from you, or provided by you, will be processed.For ease of navigation, this Website Privacy Policy is presented in a layered format, allowing you to click through to specific sections for more detailed information. Please review this document carefully to understand our practices regarding your personal data and how we will handle it.This policy relates to the processing of personal data where Tandem acts as a data controller. It does not cover the data processing activities we conduct as a data processor under the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, "GDPR"), which are addressed in a separate document.

2. Data controller
Tandem Health AB is registered with the Swedish Companies Registration Office with org. no. 559444-6857 and has its head office at Kungsklippan 12, 112 25 Stockholm, Sweden. Tandem is the data controller in accordance with the GDPR for the personal data processing described in this information.At Tandem, we have appointed a Data Protection Officer (DPO) who you can contact if you have any questions about how we process your personal data and/or if you wish to exercise the rights you have over your personal data. You can contact our DPO at dpo@tandemhealth.ai. We are dedicated to protecting your personal data and safeguarding your privacy. If you have any questions regarding this Privacy Policy or the handling of your personal data, please do not hesitate to contact us using the details provided below.
Our Privacy Policy is reviewed regularly and may be updated occasionally. If any changes occur, we will post the updated policy on this page and, where applicable, notify you by email or through the next time you log into the Website.You may be required to read and accept the updated Privacy Policy before continuing to use our services. To ensure the data we hold about you remains accurate and up to date. Please notify us promptly of any changes to your personal information throughout your relationship with us.

3. Third party links
From time to time, the Tandem Health website may include links to websites belonging to our partner networks and affiliates. Please be aware that these external websites, along with any services they provide, operate under their own privacy policies. We do not assume any responsibility or liability for their privacy practices or for any personal data collected through those websites or services. It is advisable to review their privacy policies before submitting personal information or utilizing their services

4. What Personal Data we collect about you
Depending on the level of your engagement with the Website, we may collect, use, store and transfer different kinds of personal data about you as follows:

Identity Information: Includes your first and last name, username, or any similar identifier. This data point is provided by you when showing interest in our application through our Website. This is the information you would also provide to us when you apply for a job with us on our Website.

Contact Information: Includes your email address, the details of your organization, when you are sending a request to be in contact with us via our webform or contact email. It also includes the content of your resume when applying for a job on the Website. This information is necessary for facilitating communication with you and ensuring compliance with regulatory and legal obligations regarding your privacy policy.

Technical Information: We collect information regarding your usage of the website, such as, but not limited to, traffic patterns, communication data, and accessed resources. This data is collected to evaluate and enhance the Website's performance.

Qualification and Professional Data: This includes: (a) your awarded qualifications, along with the relevant institutions, subjects, and grades; (b) your registration with any professional body or register, including renewal details; and (c) your employment history and any cover letter or personal statement submitted.

We may gather, utilize, and share Aggregated Data, including statistical or demographic information, for various purposes. Although this data might originate from your personal information, it is not classified as personal data under the law because it does not disclose your identity. For instance, we might use your Usage Data to calculate the proportion of users engaging with a particular feature on our website. However, if Aggregated Data is linked with your personal details in a way that could identify you, we will treat it as personal data and handle it according to this privacy policy.

5. How is your personal data collected?
Most of the personal information we handle will come directly from you, such as when you apply for a position with us through the Website. While providing this information is optional, without it, you may be unable to work with Tandem. Additionally, when you visit the Website, we automatically gather personal information like Technical Data and Usage Data through cookies and similar technologies. For further details, please refer to our cookie policy.

6.  Our Cookie policy
This cookies policy explains how Tandem Health uses cookies and other tracking technologies on the Website. It should be read in conjunction with our privacy policy, which details how we handle personal information.

What are web cookies? Web cookies are small files placed on your computer or mobile device by a website when you visit. These files contain details of your browsing history and help distinguish you from other users. Cookies send data back to the website during future visits or allow other websites or apps to recognize the same cookie. They are valuable because they allow a website or app to recognize a user's device, remember preferences, and generally enhance the online experience. Like most websites, we also use cookies. Although we refer to the general term “cookie” in this policy, we also use the browser’s local storage and other tracking technologies on both the Website and the Platform for similar purposes. Therefore, the information provided in this cookie policy applies to all such tracking methods that we employ.

Why do we use cookies?
- To enable functionality on the Website, cookies allow you to access secure areas of our solution, such as logging in.
- To collect anonymous statistics that help us gather usage data and patterns, enabling us to improve the Website's performance.
- To enhance your experience, cookies prevent you from having to re-enter information you've already provided and ensure you can easily find what you're looking for.

What cookies do we use?

The text below provides more information on the cookies and tracking technologies we utilize as well as their purposes.

Cookie acceptance:
- By using the Website, you consent to our use of cookies, which may be updated over time. Specifically, you agree to cookies being stored on your computer or mobile device (unless rejected or disabled via your browser). You can manage your cookie preferences through your browser or the Website. The option to accept or reject cookies is typically found in your browser or device's options, settings, or preferences menu. If you access the Website from multiple devices or profiles, you will need to set your preferences again.
- We may collect de-identified information through cookies, including your browser type, operating system, and other websites you've visited. In some cases, personal information may be collected if a cookie is linked to your account. Cookies help track your website activity, remember preferences, and recognize you across devices and sessions, allowing us to maintain consistent functionality and improve your experience. You will be able to manage your cookie preferences through your browser settings, enabling you to accept or reject cookies or receive notifications when a cookie is sent. Disabling cookies may restrict access to certain website features. For more information, consult your browser’s help documentation. Additionally, we may use third-party analytics tools such as Google Analytics, Meta Pixel, Mixpanel, Segment, and other tools in the future to collect and analyze data about your website and platform usage. These tools provide insights into user behavior, helping us enhance our services

Updating our cookies policy: We may occasionally revise our use of cookies, which could lead to updates to this policy. We recommend that you review this cookies policy regularly.

7.  How we use your personal data
We will only use your personal data when the law allows us to do so. Most commonly we will use your personal data in the following cases:

- When you have provided prior consent: This involves handling your personal data after you’ve given explicit approval, typically through a clear opt-in or statement indicating agreement for a specific purpose. Your consent is valid only when it is freely given, specific, informed, and clearly expressed. You can revoke your consent at any time by reaching out to us.

- When it aligns with our legitimate interests: We may process your personal data where it's necessary for the legitimate interests of our business or a third party, provided those interests are not overridden by your own rights and fundamental freedoms. Our legitimate interest involves managing our operations efficiently to provide you with the highest quality service and a secure experience. Before we process your data under this basis, we carefully weigh the potential effects on you and your rights. We will not use your personal data in cases where your rights outweigh our interests unless we have your consent or are required by law. If you'd like more details on how we assess these interests, feel free to contact us.
‍
- When we are obligated to comply with legal requirements: This includes processing your data when it is necessary for us to meet legal or regulatory obligations.

During our relationship, Tandem may process your personal data for the following purposes and on the following legal bases:‍

8. Storage of Data
‍
Your personal data will be stored only for as long as necessary to fulfill the purposes for which it was collected. Once those purposes have been met, we will securely delete or anonymize your data, unless legal or regulatory obligations require us to retain it for a longer period. We retain your personal data as long as it is needed to provide you with the services for which it was collected, such as operating our Website. If you file a complaint or we anticipate potential litigation, we may retain your data for a longer period. Additionally, certain legal and regulatory requirements may compel us to hold on to your information for compliance purposes.  You have the right to request the deletion of your data under certain circumstances.Please refer to the "Your Rights" section (11) for more details. In some cases, we may anonymize your data, making it no longer personally identifiable. This anonymized data may be used for research or statistical purposes indefinitely, without further notice to you.

9. Disclosures of your personal data
Within Tandem, only authorized personnel, based on their roles and responsibilities, may access personal data. This access is strictly limited to what is necessary for performing their duties. Your personal data may be shared with our data processors (such as technical service providers), but only when necessary for them to carry out their assigned tasks. These third-party companies are prohibited from sharing or using this information for any other purpose. Tandem has ensured that each contract with these companies includes measures to safeguard your data.In some cases, your personal data may be shared with authorized third parties, such as public authorities legally permitted to request such information. We may need to share personal data with the following third parties:

- Service providers acting as processors, such as: Microsoft Azure (EU), which provides data hosting services in connection with the website and/or platform.
- Other suppliers who may provide services such as IT and system administration.
- Professional advisors, acting as processors or joint controllers, including lawyers, bankers, auditors, and insurers, who offer consultancy, legal, banking, insurance, and accounting services.
- Regulatory authorities, local governments, or other public agencies, acting as processors or joint controllers, who may require data for reporting purposes.

We only permit service providers to process your personal information if they take appropriate steps to protect it. We impose contractual obligations to ensure that these providers use your data solely to provide services to us and you, with no other purposes. Additionally, we may share information with law enforcement and regulatory agencies to comply with legal and regulatory requirements

10. Data Security
‍
We are committed to ensuring the confidentiality, integrity, availability and security of your personal data. In accordance with the GDPR, we endeavour to implement the appropriate technical and organisational measures to guarantee the level of security that is most appropriate to the risks incurred when processing personal data.

We also take steps to prevent, as far as possible, any loss, accidental destruction, alteration or unauthorised access to your personal data.Your personal data may be transferred to third countries located outside the European Union. In such cases, we systematically take all appropriate measures to verify and, if necessary, guarantee that the recipients of the data comply with an adequate level of protection equivalent to the European regulations, by signing standard contractual clauses adopted by the European Commission.

11. Your rights
‍
In accordance with the GDPR, you have the following rights regarding your personal data:

‍Right to Information
You have the right to receive information about how we process your personal data. We inform you through this policy and by answering your questions.

‍Right to Access
You have the right to receive confirmation from us regarding whether we process your personal data. You also have the right to access the personal data and certain information about the processing itself (e.g., the purpose of the processing).

‍Right to Rectification
You have the right to have incorrect personal data corrected without undue delay. You also have the right to supplement incomplete data.

‍Right to Erasure (Right to be Forgotten)
You have the right to have your personal data erased under certain circumstances.
The right to erasure does not apply if processing is necessary for
- Exercising the right to freedom of expression and information.
- Compliance with a legal obligation under Union or Member State law
- Establishment, exercise, or defense of legal claims.
The right may also be limited if the data is still necessary for the purpose or if there are compelling legitimate grounds for processing.
However, the right to erasure always exists in the case of direct marketing upon objection under Article 21.2 GDPR.

‍Right to Restriction of Processing
You have the right to require the restriction of processing if:You contest the accuracy of the data.The processing is unlawful.The data is no longer needed for the purposes but necessary for legal claims.While awaiting verification of overriding interests after you objected to processing under Article 21.1 GDPR.

‍Right to Object
You have the right to object to processing based on:
‍
- Public interest
- Exercise of official authority
- Legitimate interests pursued by us.
‍
Processing ceases unless there are compelling legitimate grounds overriding your interests or for establishing, exercising, or defending legal claims.
‍
Processing for direct marketing purposes ceases immediately upon your objection.

‍Right to Data Portability
You have the right, in certain cases, to receive the data you provided and to have it transferred to another data controller.
This applies when:The processing is automated.Based on your consent or a contract.

‍Rights in Relation to Automated Decision-Making
You have the right not to be subject to automated decision-making, including profiling, which produces legal or similarly significant effects.
‍
Exceptions apply if:
- Necessary for the performance of a contract
- Permitted by Union or Member State law
- Based on your explicit consent.

‍Right to Lodge a Complaint
‍
According to Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe the processing violates GDPR.
‍
More information and complaint forms can be found on the websites of national Data Protection Authorities

How to Contact Us or File a Complaint
Should you wish to exercise your rights over your personal data, please contact us:By e-mail: dpo@tandemhealth.ai

‍By post: Tandem Health AB – Attn.: Data Protection Officer, Kungsklippan 12, 112 25 Stockholm, Sweden

By contacting the local regulatory authorities (e.g., CNIL, ICO, AEPD).
‍
However, we would appreciate the opportunity to deal with your concerns before you approach any regulator — please contact us first.

Updates to the Website Personal Data PolicyTandem Health continually works to improve our services. Therefore, we may update this policy.
‍
When changes are made, we will publish the updated version on our website and indicate the date of the latest update.
‍
For updates of significant importance to the processing of your personal data, we will notify you by email or through a notice on our website, in accordance with applicable legislation.
‍
Please visit this page regularly to stay informed about how we process your personal data.

‍Last updated: September 1st, 2024