Version: May 25th 2018
Karify is provided by Karify B.V. (“Karify”), a limited liability private company, located at Pythagoraslaan 101 (Dutch Chamber of Commerce number: 58658394) . You can reach Karify at firstname.lastname@example.org. Karify has appointed a security officer that you can reach by emailing email@example.com.
3.1. As data controller, as referred to in the General Data Protection Regulation (“GDPR”), Karify processes visitor data to:
3.2. As data processor, as referred to in the General Data Protection Regulation (“GDPR”), Karify processes user data to:
3.3. When processing personal data from visitors or users, Karify does on legal basis as referred to in the GDPR. The legal basis can be:
3.4. When the public websites are visited, the browser type, browser language and IP-adress as well as information regarding the operating system and device of the visitor is registered. The time of the visit and the specific elements of the website visited are also registered. This is described in more detail in article 10.
3.5. From time to time, Karify may ask permission to process data not described in this document
3.6. Karify shall not sell personal data to third parties.
4.1. If a user or visitor is younger than 16 years of age, the user or visitor may only provided their data to Karify with permission of their parents or persons with parental authority.
5.1. User can share (parts of) their health data in their personal environment with healthcare providers. Users will at all times be able to see with whom they have a connection. For some transfers of data, Karify will have to request permission of the user or visitor. Karify may be legally obliged to issue personal data to for example the national tax services, police or a legal supervisor.
5.2. When Karify users sub data processors for personal data, Karify will hold them to a data processor agreement subject to the GDPR.
6.1. Karify processes users’ and visitors’ data only within the European Union, by only keeping this data in data centers located in the European Union.
6.2. De GDPR applies to all countries in the EU. When Karify uses sub data processors, Karify demands they store data within the EU. In the case this is not possible, Karify will take necessary measures to provide an appropriate level of security for the protection of the data.
7.1. Karify takes appropriate technological and organizational measures to prevent loss of personal data or illegitimate processing of personal data.
7.2. Karify is only accessible via the HTTPS-protocol, ensured by SSL-certificates with 256-bit encryption. This means that all communication from and to the Karify servers is encrypted and that users are ensured of a direct connection to the Karify servers. The Karify network and data center are ISO27001 and NEN5710 certified.
7.3. Access to Karify-data is closed to the outside, through firewalls and principles like white listing and security by design. Additionally, active monitoring and logging is standard procedure, in order to act upon undesired activity in the network.
7.4. For more information contact Karify Security Officer at firstname.lastname@example.org
8.1. Karify or Karify’s websites may contain links to third party websites. Their respective privacy statements apply on data processing. Karify is not responsible for the content on third party website and their data processing.
9.1. Where Karify is data controller, users and visitors have the right to:
9.2. Users and visitors can assert any of the above rights by sending a request to email@example.com. All requests will be handled in compliance of the GDPR.
9.3. In case Karify processes data based on consent, a user may at all times withdraw this consent by emailing a request to firstname.lastname@example.org
9.4. Users and visitors have the right to file a complaint with the supervising authority.
9.5. When Karify asks for information from a visitor or user, Karify will state which of the requested information is optional. When the user or visitor does not supply the requested information, it might be impossible for Karify to fulfil a request or service.
9.6. Karify maintains the right to refuse any request of a user or visitor if this person cannot prove his/her identity and/or an exception to the GDPR applies. In such a case, Karify will notify the respective user or visitor.
10.1. The public websites and apps of Karify save information and gain access to visitors’ device in the form of cookies (“cookies”). Karify users tracking cookies to gain insight into visitors’ behavior on the public websites. For this we use Google Analytics.
10.2. Upon initial visit to Karify’s public websites, visitor will be informed of the use of these cookies and prompted to accept them. By proceeding to use the website, the visitor accepts these cookies as described in this article.
10.3. Other cookies are used to enable the communication with visitor or user, that are necessary to provide Karify’s service (session cookies or statistical cookies). No prior consent is necessary for these cookies.
10.4. Users or visitors may refuse these cookies via their browsers by blocking cookies are removing cookies. Blocking or removing certain cookies might causes certain parts of Karify not to work or have reduced functionality.
11.1. Data as referred to in Article 3.1 is kept for a maximum of fourteen months after their respective visit. Data as referred to in Article 3.2 will be kept until the subscription is ended or a request has been filed to delete the account. When you request for your account to be deleted, we will complete this within the legally required period.
12.1. Questions regarding privacy may be addressed to Karify’s management via mail or via email at email@example.com
13.1. This privacy declaration may be changed by Karify from time to time.