In accordance with the provisions of EU Regulation 679/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, the Matisse Platform collects, processes and stores personal data for the purpose of registering and verifying information recorded by Users.
In this respect, Labmatisse has the obligation to administer safely and only for the specified purposes the personal data that the Users provide in connection with their own person.
To be able to use the Matisse Platform, the registration of persons who create an account necessarily involves the collection and processing of the following personal data for that purpose:
Creating accounts requires the registration of e-mail to achieve double authentication for first login. In this regard, the User will click on the e-mail confirmation link to log in and complete the account creation procedure.
The personal information we may collect or store may also include information about the computer or mobile device you are using, and about your Internet browser, computer or mobile device type, including any other versions or desktop devices you are using, and any other information about how you use the Matisse Platform (time spent on the Website, activity on the Website, number of visits, posted comments or other information that you register on the Website).
We may use the personal data provided by the User at the time he or she creates his or her account for the following purposes (subject to applicable legal restrictions):
The Matisse Platform shall not distribute, sell or lease in any way the personal data included in our databases except with the consent of the User or at the request of the courts or other authorised public institutions.
Labmatisse undertakes to observe the following obligations:
a) to act in the best way to achieve the purpose of the Service;
b) to apply appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, disclosure or unauthorised access, as well as against any other form of illegal processing;
c) to apply appropriate technical and organisational measures to ensure that the Patient User’s personal data recorded in the medical record may onlybe disclosed to the User. A User shall not be able to view the personal data of another User or patient;
d) to ensure the encryption of Content uploaded by Users in the Matisse Platform so that it is not available to third parties or other Users, except in cases where the User chooses to share such Content;
e) to ensure all technical and legal measures so as to guarantee the safe storage of the Content; By accessing the Matisse Platform, appropriately filling in and submitting the form available on the Platform, the User hereby confirms and agrees, expressly and unequivocally, that the Provider can process his or her personal data to achieve the above purpose.
Labmatisse shall process the User’s personal data for the entire period of time required to achieve the above purpose and even thereafter, in accordance with applicable laws. Also, personal data will be processed on three levels, namely “production”, “staging”, and “testing”. Nevertheless, the User has the right at any time to request the deletion of the recorded personal data, to leave the Matisse Platform and to be forgotten, irrespective of the technical level at which the data was processed.
Labmatisse collects and processes the User’s personal data solely on the basis of the consent given by the User at the time of registration on the Matisse Platform and for the purpose of performing a contract (within the meaning of Article 6 (1)(b) of EU Regulation 679/2016).
The only information the Matisse Platform requires from a patient is a photograph of the teeth. This photograph will be processed for establishing a reference code. The basis for the processing of the photograph is fulfillment of an agreement. The photograph will be stored as long as necessary for the purpose for which it is processed.
The Matisse Platform shall process personal data, only for the purposes stated above and solely on the basis of the express consent of the Users granted distinctly according to the specific purpose of the data processing.
User consent granted to create a user account. Users consent to the processing of their personal data provided in the registration form in order to create the user account.
User has the patients consent granted for the uploading and processing of the photograph of the teeth. User will not provide any other personal data of the patient to Labmatisse.
Granting consent for this purpose involves the Users’ acceptance regarding the processing of sensitive personal data on the Matisse Platform, which can only be found in photographs and videos.
Users have the option to express their consent to receive notifications at the e-mail address registered in each User’s account regarding Platform updates or other published content therein, through the application.
If the User does not give his or her consent in this regard, he or she shall be able to access the system notifications only on the Platform.
User grants consent for patient for publication of educational articles or seminars. Consent shall be separately requested for this purpose, and not granting such a consent shall have no effect on the services that the User may receive on the Matisse Platform.
In accordance with the provisions of EU Regulation 679/2016 (General Data Protection Regulation), the User, as the data subject, has the following rights:
a) Right to information. You have the right to receive clear, transparent, easily understandable and easily accessible information about how we process your data, including details about your rights as a data subject. This information on the data, purpose, and manner in which we process your data is also included in this Policy.
b) Right of access to personal data. You have the right to access the data we process about you without incurring any charge for the first data provided. If you will need copies of the data already provided, we may charge a reasonable fee, considering the administrative costs of providing such data.
c) Right to rectification of personal data. If you find that your data that we process is incorrect, incomplete or inaccurate: you can rectify them directly in your client account.
d) Right to object. At any time, you have the right to object, for reasons related to your particular situation, to the processing of your personal data. We will no longer process your personal data unless
(i) we have legitimate and compelling reasons that justify the
processing and that prevail over the interests, rights and freedoms of
any data subject; or
(ii) if the data is necessary to establish,
exercise or defend our rights in court.
e) Right to data erasure (right to be forgotten). You have the right to ask us to delete your data in any of the following situations: You have the right to ask us to delete your data in any of the following situations;
(a) you withdraw your consent on which the processing is based, and
there is no other legal ground for further processing;
(b) you
object to the processing based on our legitimate interest and we cannot
prove that we have any legitimate interests to justify the processing,
and that prevail over your interests, rights and freedoms;
(c) the
personal data have been unlawfully processed;
(d) the personal
data have to be erased in order for us to comply with our legal
obligations. This is not an absolute right. We will be able to reject
your request for data erasure if:
(i) we are compelled to comply with legal obligations to keep the data;
(ii) your data has been included in specialised articles and/or
spotlights for which you have given your consent; or
(iii) if the
data are necessary to establish, exercise or defend our rights in court.
f) Right to portability. When processing your data based on your consent
or for the performance of the contract, you will automatically have the
right to request the transfer of your data:
(a) to you, or
(b) to another controller indicated by you. The second situation assumes that you have the option of requesting us
to transfer the data associated with the User account to another data
controller. Please note that you will only be able to request the
porting of your personal data that you have disclosed directly and
actively.
h) Right to bring a matter to the Dutch Data Protection Authority. You have the right to submit any complaints to the Dutch Data Protection Authority, on how we process your personal data. However, we hope you decide to talk to us first before submitting any complaints. Protecting your data is very important to us, which is why we ensure you that we will take all the necessary measures to solve any problem with your data control and security.
In order to exercise these rights, the User may contact the Provider via
e-mail at:..
[support@matisse.ai]...The refusal to provide the personal data necessary for the purpose
mentioned above and the subsequent request to erase the personal data of
the User implies the deletion of the User’s account from the system and
the impossibility to receive the Service via the online Platform.