Protecting your privacy is very important to us; this is how we ensure that your data remains private
- OWise holds no personal identifiable data; we will never know who you are. (To this end, all personal data you enter is encrypted and your email address is “hashed”. These are stored separately on a secure and automatically encrypted cloud platform. This data may only be accessed by you.)
- We frequently update the OWise website and app to comply with the latest security standards.
- By agreeing to our Terms and Conditions, you give consent that your fully anonymised treatment data may be used as part of a larger, aggregated set of data for medical research. This means that all the other details that you enter into OWise are never seen by us and are never used for research–not by us or anyone else.
- The only person who can share your OWise data is you. You can do this through the share button in certain functions on the OWise app (e.g. Trends), by printing out data and bringing it with you to your next doctor’s appointment or by using the Share my Data function if your hospital has signed up to OWise.
OWise and your privacy
In using the App or the Site you may provide us with very sensitive information. We consider it is essential that any information you provide is on an anonymous basis and we do not know your identity. It is a condition of your use of the Site and the App that you do not provide us with any information that might alone, or in combination with any other information, be used to identify you.
We take a number of precautions to avoid obtaining information which might lead to your identification:
- During your registration and use of the Site or the App we do not ask for your name, date of birth, address or any other information which might be used to identify you.
- The email address used to register for the Site or the App is hashed, so that it cannot be related back to the original email address on our computer systems. Email hashing is a cryptographic function, it’s a method of coding an email address for privacy, so each email becomes an unrecognizable jumble of numbers and letters. This means our system administrators and developers cannot access your email address. We may send you automated e-mails regarding your registration with us or to reset your password. Where we do so, your email address is stored in a hashed form on our servers and cannot be accessed by us or anyone else.
- Any photographs, videos or sound recordings you provide as part of your non-treatment data (see below) are not held on any computer systems we control, but are rather stored separately on a secure and automatically encrypted cloud platform. This data may only be accessed by you. No one else may access or link this data with other anonymous data you provide.
The intention of these precautions is that we will only ever handle fully anonymous user data and will not control or process your personal data.
Information we may collect
In using the Site and App you will provide us with anonymous information about yourself. We distinguish between two types of information:
- Anonymous treatment data, which includes details about the type and stage of your cancer, tumour size, any side effects, nature and results of any relevant treatment, your year of birth, gender, the hospital you are being treated, and whether your cancer is hereditary, as well as non-personal information you submit as part of your treatment plan and “How do I feel right now?” records.
- Anonymous non-treatment data, which includes your diary entries, personal notes, audio recordings, photographs and any questions and answers you enter into “Question Lists”.
How we use your information to operate the Site and the App
We will use the anonymous information to provide you with relevant content and materials to offer practical support during your treatment and specific information about your type of cancer.
We may also use the anonymous information to:
- administer the Site and the App and for internal operations, including troubleshooting, data analysis and Site and App testing;
- improve the Site and App to ensure that content is presented in the most effective manner for you and for your device;
- allow you to participate in interactive features of our service, when you choose to do so; and
- keep our site safe and secure.
How we use your information to support medical research into improving the outcomes of cancer
We may use the anonymous treatment data as part of a large sample of patient data for medical research purposes. We will not use non-treatment data for medical research purposes. Our use of the anonymous treatment data will comply with the US HIPAA Privacy Rules.
The medical research we conduct is focused on patient-reported outcomes related to cancer treatments and may include research into:
- side effects during and after medical or drug treatments;
- outcomes including quality of life in patient subgroups;
- interactions between different medical treatments;and
- correlations between different treatments, trends and cancer subtypes.
We aim to share insights obtained from the fully anonymous and grouped user data with other medical research parties. These third parties may be non-profit (such as hospitals or academic research centres) or for-profit (such as pharmaceutical or diagnostic companies) organisations. All shared insights and data are applied to advance medical research in order to improve the clinical outcomes of cancer treatment.
We take the protection of the anonymous treatment data very seriously. An independent non-profit foundation named Stichting Px for Life has been established to manage and protect the anonymous treatment data we collect. Stichting Px for Life is an ANBI foundation, which is a Public Benefit Organisation under Dutch law (where the Site and App were first developed). As an ANBI foundation Stichting Px for Life must comply with integrity requirements and focus its efforts on the general good.
All the anonymous treatment data we collect is automatically assigned to Stichting Px for Life and then licensed back to us whilst we continue to operate as a company. This means that if we had financial problems, the anonymous user data would not form part of our assets. Instead, our license to use the data would end and Stichting PX for Life would be able to use the anonymous data for medical research purposes meeting the values of the foundation.
We have put in place appropriate security measures to prevent anonymous data from being accidentally lost, used or accessed unlawfully, altered or disclosed. Although we will take reasonable steps to protect any data we store, we cannot guarantee the security of any data transmitted to the Site or the App. Any transmission is at your own risk. Once we have received any data, we will follow strict security procedures to prevent unauthorised access.
Further examples of security measures that have been taken include:
- Strict account management functions (e.g. passwords are never sent by e-mail, users confirm account registration via a confirmation e-mail).
- A PIN code can be activated when using the app on a mobile device; the website features a rapid time-out that requires log-in to re-enter the site.
- Passwords are stored in a highly secured, hashed manner on a UK server
- System administrators and developers do not have access to users’ e-mail addresses via an interface. The user is truly anonymous.
All the content within the app is based on the national guidelines for the diagnosis and treatment of cancer and is regularly updated and reviewed by medical professionals in the field.
The Site does not use third-party cookies. A cookie is a tiny fragment of data that is sent along with the pages of a website or app. It can track which web pages or apps you visit and can target you with advertising related to your website browsing behaviour and app use. By not tracking you with third-party cookies, the risk of being subjected to targeted advertising will be minimized using OWise products.
Where the anonymous data is stored
The anonymous data that we collect from you is transferred to, and stored at, a destination within the United States (US). It may be processed by organisations operating outside the US on our instructions.
If you have questions or comments regarding the protection of your privacy or the use of the anonymous treatment data to advance medical research, please contact us at firstname.lastname@example.org.