biSSkapp Privacy Policy

1 REVISION HISTORY AND CHANGE DETAILS

Change DetailsRevision NumberRelease Date
Initial Release00October-2023

2 INTRODUCTION

At Swallowing Technologies (Company), we understand the importance of privacy and the protection of your personal information and non-personal information. Swallowing Technologies complies with applicable laws to ensure delivery of privacy and protection.

3 PURPOSE

This Privacy Policy addresses privacy with the Company’s product BiSSkApp.

BiSSkApp is intended to be used as a rehabilitation tool to support recovery of swallowing in patients with dysphagia through visualisation of muscle activity; it is to be used solely under the guidance of a qualified health care professionals.

4 EFFECTIVE DATE

The Privacy Policy is effective from June 2023

5 WHAT DATA DO WE COLLECT AND WHY DO WE COLLECT IT?

The Company collects both information identifiable about an individual e.g., name (Personal Information) and information that doesn’t personally identify an individual or information that has been anonymized (Non-Personal Information) for the reasons described below.

Disclosure of information by You to the Company is required for the intended use of BiSSkApp. Choosing not to permit collection of information by the Company will result in an inability to access BiSSkApp.

5.1 CLINICIAN DETAILS

We collect the following Personal and Non-Personal Information.

Personal InformationNon-Personal Information
First NamePin code to access Clinician Settings
Last Name
Email
IP Address

5.2 PATIENT DETAILS

We collect the following Personal and Non-Personal Information. We collect Your patients Personal and Non-Personal Information when You register them to use BiSSkApp.

Account Registration
Personal InformationNon-Personal Information
NamePassword
Username
Email
IP Address
Patient Profile
Personal InformationNon-Personal Information
Name*Random Identifier
Date of BirthRehabilitation Start Date
GenderRehabilitation End Date
IP AddressReason for Rehabilitation Discharge
*While a patient name can be entered, it is encouraged that a random identifier is used. Management of this is the responsibility of the Clinician.

5.3 COOKIES

Cookies
NamePurpose
Access TokenAuthorise API operations.
ID TokenUsed to authenticate users and contains information
such as name, username, and email.
Refresh TokenRefreshes Your Access and/or ID tokens when they
expire
Last Auth UserUsed to maintain the username of the user that was
last authenticated in the browser.

We use Cookies so that we can enable You to be automatically logged into the Web Application between uses. We use Cookies to collect information as described below.

6 WHO WILL COLLECT AND HOLD INFORMATION?

The following table describes the agencies that will collect and hold the information collected.

NameTrade NameAddress
Swallowing Technologies Limited



Swallowing Technologies



Leinster Chambers,
Level 1,
249 Papanui Road,
Strowan,
Christchurch 8014
New Zealand

7 WHO WILL HAVE ACCESS TO THE INFORMATION?

The intended recipients of the collected data will be:

Recipient NameRecipient Addres
Swallowing Technologies Limited




Leinster Chambers,
Level 1,
249 Papanui Road,
Strowan,
Christchurch 8014
New Zealand

Swallowing Technologies shall use the following Data Processors:

Data ProcessorPurpose
Swallowing TechnologiesCollection of personal information and non-personal information when users register as a Clinician to use BiSSkApp.
Collection of personal information and non-personal information when Clinician’s create a profile for their patient so they can use BiSSkApp.
AWS Amplify DataStore
Data which is stored locally on the native
application.
Collection and storage of (1) patient training data, (2) users’ username and password and (3) clinician’s pin code during online and offline use of BiSSkApp.
AWS DynamoDB
Data which is stored in the cloud.
Collection and storage of (1) clinician registration details, (2) patient profiles and (3) data from AWS Datastore so that clinicians can review and amend the patient rehabilitation program.
AWS AppSync
Data which is processed by the cloud.
Processing of (1) clinician registration details, (2) patient profiles and (3) data from AWS DataStore to AWS DynamoDB,so that clinicians can review and amend the patient rehabilitation program.
AWS Cognito
Data which is collected, processed and stored in the
cloud.
Collection, processing, and storage of (1) username, (2)
email and (3) name when a user registers or signs into
their profile.
AWS Cloudwatch
Data which is collected and stored in the cloud.
Collection and storage of all event data e.g., data
request, user sign-in

To enable delivery of BiSSkApp, the Company may disclose collected data to third parties such as our suppliers, consultants, and other representatives who may be based outside of Australia, New Zealand, and Europe.

The Company shall not sell or rent your Personal Information.

8 PROTECTION OF INFORMATION

All information is protected against loss, unauthorised access, modification or disclosure and other misuse through security and storage.

Information provided to any parties in connection with the provision of BiSSkApp, the Company will do everything reasonably within its power to prevent unauthorised access or disclosure of the information.

If there is a violation in our security systems, leading to non-permitted access to your Personal Information, we will contact You via the contact details provided.

8.1 SWALLOWING TECHNOLOGIES

Our databases and third-party services (e.g., AWS) have restricted access to Company staff only who can only use your Personal or Non-Personal Information for the permitted reasons described in Section 5.

Any parties authorized by the Company to process Personal Information have demonstrated security measures which ensure full compliance with applicable data protection laws e.g., NZ IPP.

8.2 AWS Services

AWS comply with industry specific standards such as ISO 27001, ISO 27017, ISO 27018, ISO 27701 and SOC 1, 2 and 3 reports.

9 ACCURACY OF INFORMATION

Personal Information collected by the Company is voluntarily provided by You. As such, the accuracy of the Personal Information we receive is dependent on what You provide.

The Company shall endeavour to ensure that any information that is incorrect is corrected and updated when specific requests to do so are made in accordance with Section 11.

Where Personal Information is disclosed to further the use of BiSSkApp, the Company shall ensure that the information is accurate, up to date, complete, relevant, and not misleading.

10 RETENTION OF PERSONAL INFORMATION

The Company shall not retain Personal Information for longer than is required for the purposes for which the information may be lawfully used.

11 INFORMATION RIGHTS

You have the right to consent to the Company collecting Your Personal and Non-Personal information.

You have the right to confirm if the Company holds any Personal Information about You.

You have the right to access, correct, erase, or restrict processing of Your Personal Information at any time. A formal request shall be made in writing addressing Privacy Officer at privacy@swaltech.com

There may be instances that the Company may require additional information to confirm Your identity

The Company shall provide the information free of charge unless the request is manifestly unfounded or excessive. If the request is found to be the latter, the Company shall provide rationale for either:

  1. Charging You for the request to account for administrative costs of providing the information
  2. Refusing to act on Your request

There may be instances where the Company is unable to identify You. If this instance occurs, then the Company may be unable to act upon Your request.

If dissatisfied with how the Company manages your request, You have the right to lodge a formal complaint with the appropriate authority.

LocationAuthority
New ZealandPrivacy Commissioner
United StatesU.S. Department of Health and Human Services

You have the right to object to the processing of your Personal Information at any point in the process. Once an objection is made, the Company shall no longer process your Personal Information.

SWALLOWING TECHNOLOGIES LIMITED 

ALL RIGHTS RESERVED 2022