This Privacy Policy is intended to help you understand how your Telecare Service Provider and Telecom Design provide their services in this app regarding your Data Privacy and how to exercise the choices and rights you have in your information.

Your Telecare Service Provider provides the telecare services to the older people that you follow when using this app (the Caregiver App).

Your Telecare Service Provider is your main point of contact, both for you and the older people you support. Your Telecare Service Provider manages all service agreements and data related to the assistance provided.

1. Scope of this policy
This Privacy Policy applies when you use this app (the Caregiver App).

2. Legal basis for processing personal information
The processing of your personal data has the following legal bases:
– The acceptance of the Data Privacy Policy for the use of the Caregiver App that constitutes a contract;
– Your consent when required by the regulations in force, including in terms of cookies;
– Our legitimate interest in ensuring and improving the quality and security of the Caregiver App;
– Our legitimate interest in carrying out optional satisfaction surveys regarding the Caregiver App in order to improve it; and
– Our compliance with legal and regulatory obligations to the relevant authorities.

The Data related to the older people you follow, and their processing have different legal bases: those data are covered by dedicated contracts & agreements under the responsibility of your Telecare Service Provider. Your phone number, mandatory to use the Caregiver App, is initially gathered by the Telecare Service Provider and associated to the older people you follow by the Telecare Service Provider.

3. Information we collect
3.1 Information you provide to us
Personal information you provide to us within the Caregiver App may include:
– Your first and last name, for authentication
– Your phone number for authentication
– Your relation type to the older people that you follow (professional helper or family helper for example)
– Your phone language to display the best possible language in the Caregiver App
– Personal nickname of the older people you follow with the Caregiver App (if you choose to customize it)
– Photo/avatar of the older people you follow with the Caregiver App (if you choose to customize it)

3.2 Information we receive from other sources
With regards of the Caregiver App and the Data related to the older people you follow, Telecom Design act as a data processor in relation to certain personal data that we handle on behalf of your Telecare Service Provider. As a processor, we process personal data only under the documented instructions of your Telecare Service Provider, in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

We do not determine the purposes or means of processing those personal data. Our responsibilities are limited to providing services as agreed, maintaining appropriate technical and organizational measures to protect personal data, and supporting your Telecare Service Provider in fulfilling their legal obligations toward data subjects.

3.3 Cookies and other automated means of obtaining information
A cookie is a small file placed on your mobile phone. We use cookies to improve the user experience on the Caregiver App, for example, by saving a user’s language preference or geographic region. Some information about you may be automatically collected by virtue of you visiting our Caregiver App, such as your computer or mobile device operating system type and version number, manufacturer and model; device identifier; browser type; screen resolution; IP address; general location information, and information about your use of and actions on the Caregiver App, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access.

4. How we use your information
We never sell your personal information to any third parties. Instead, we use it for the following business purposes and as otherwise described in this Privacy Policy or at the time of collection:

4.1 To provide our Services, namely to:
– ensure your secure authentication on the Caregiver App by sending authentication code by text message on your phone number;
– establish and maintain your user account on the Caregiver App;
– allow you to personalize the name and photo of the older people you follow;
– communicate with you about the Caregiver App, including by sending updates, security alerts, and other messages;
– provide support and maintenance for the Caregiver App;
– respond to your requests, questions and feedback.

4.2 For research and development
We analyze your use of the Caregiver App to improve the Caregiver App and to develop new products and services.

4.3 For compliance, fraud prevention, and safety
We may use your personal information to comply with applicable laws and legal process, such as to respond to subpoenas or requests from national authorities. In very limited circumstances we may also disclose your personal information to law enforcement and government authorities, i.e., if there is a legal basis for requesting and providing the data and if the applicable regulations sufficiently protect the rights of natural people in their personal data, and also, in case of non-EEA transfers for European residents.

4.4 To create anonymous data
We create aggregated and other anonymous data from your personal information and information of other individuals whose personal information we collect. We do it by removing all information that makes it personal and allows for identification of any person. We then use this anonymous and aggregated data to analyze and improve the Caregiver App, develop new products and services, and promote our business.

5. How we share your personal information
We never share your personal information with any third parties without your consent, except in the following circumstances or as otherwise described in this Privacy Policy (such as for legal purposes):
– Professional advisors. We may disclose your personal information to professional advisors, such as lawyers, auditors, or insurers, where necessary in the course of the professional services that they provide to us.
– Third-party service providers. We may share your information with third parties that perform services for us or on our behalf, such as hosting services or data analytics.
– For compliance, fraud prevention and safety. We may share your personal information for the compliance, fraud prevention and safety purposes described above.
– Internal reorganization or restructuring.

We may sell, transfer, or otherwise share some or all of our business or assets, including your personal information, in connection with a corporate restructuring or reorganization, such as a merger, consolidation, acquisition, reorganization or sale of assets. The terms of this Privacy Policy will apply to the successor company in any such transaction.

6. Data retention period
We will retain personal information that we receive and collect about you for period which is reasonably required for us to use it in accordance with the periods indicated in this Article or in accordance with the applicable law.
Except for litigation or judicial requisition and before archiving for compliance with our legal and regulatory obligations, most of the personal data collected are kept on an operational basis for 24 months.

7. Your GDPR and CCPA rights
You have several rights in your personal information provided by law – under the European General Data Protection Regulation (“GDPR”) or California Consumer Privacy Act (“CCPA”) – depending on where you live. You will find some details about these rights below. You can exercise these rights by sending us an email at dpo@telecomdesign.com or by contacting directly your Telecare Service Provider.

Please indicate your full name, email address, your city and state or country and the nature of the GDPR or CCPA right you wish to exercise, and we will get back to you as soon as possible. Please note, we will need to be able to verify your identity to properly respond to your inquiry.

7.1 GDPR rights
To the extent the GDPR is applicable to you, we process your personal data under the following legal bases:
– Legal obligations: processing your data is necessary for compliance with our legal obligation;
– Public interests: processing your data is related to a task that is carried out in the public interest or in the exercise of official authority vested in us;
– Legitimate interests: processing your data is necessary for the purposes of the legitimate interests we pursue.
– Consent: you have given your consent for processing your data for one or more specific purposes;

In any event, we will gladly help clarify the specific legal basis that applies to the processing of personal data in every situation.

Your Rights under the GDPR
To the extent the GDPR is applicable to you, you have the following rights under this Privacy Policy and by operation of the law:
– Right of access (article 15 of GDPR). You have the right to request a copy of the personal data we have about you, in an easily understandable format, as well as a copy of this Privacy Policy on a durable medium.
– Right of rectification (article 16 of GDPR). You have the right to ask us to correct, complete or update information we have about you, if it is inaccurate, incomplete or out of date. In this case, please let us know the updated or corrected information in the same email.
– Right to object to processing of your personal data (article 21 of GDPR). This right exists when we rely on a legitimate interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to our processing of your personal data on this ground. You also have the right to object when we are processing your personal data for direct marketing purposes.
– To request erasure of your personal data (article 17 of GDPR). You have the right to ask us to delete or remove your personal data when there is no good reason for us to continue processing it.
– Request the portability of your personal data (article 20 of GDPR). We will provide to you, or to a third-party you have chosen, all your personal data we hold on you in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you or an organization you represent.
– Withdraw your consent (article 13(2)(c) of GDPR). You have the right to withdraw your consent about processing your personal data by us. If you withdraw your consent, we may not be able to provide you with access to certain specific functionalities of the Services.
– Right to limit the processing of data (article 18 of GDPR). You have the right to restrict processing of your personal data under these four circumstances: (1) you contest the accuracy of your personal data; (2) the processing is unlawful but you would prefer a restriction rather than erasure of your data; (3) we no longer need to process your data but are required to keep them to enable you to establish, exercise or defend against legal claims; and (4) you have objected to processing pursuant to article 21 (1) of the GDPR pending the verification whether our legitimate grounds override yours.
Finally, you have the right to complain to a Data Protection Authority about our collection and use of your personal data. Of course, we hope for an opportunity to be able to resolve the matter. But if you wish to do so, you have the right to refer the matter to the competent authority for data
protection in France, namely the Commission Nationale de l’Informatique et des Libertés (CNIL), via its website cnil.fr or by mail at the following address CNIL – 3, place de Fontenoy – TSA 80715 – 75334 Paris Cedex 07. This right may be exercised at any time and it’s free.

7.2 CCPA Rights
To the extent the CCPA is applicable to you under this Privacy Policy and by law if you are a resident of California, you have the following rights:
– The right to notice. You have the right to be informed about the categories of personal data that are being collected and the purposes for which your personal data is being used;
– The right to access / the right to request. You have the right to request and obtain information regarding the disclosure of your personal data that we have collected in the past 12 months and disclosed to a third party for its direct marketing purposes; (Note, we never share your information with any third parties for their marketing purpose!)
– The right to say no to the sale of personal data. You also have the right to ask us not to sell your personal data to third parties; (Note, we never sell your personal data to any third parties);
– The right to know about your personal data. You are entitled to request and obtain information about the categories of your personal data collected, the sources from which the data was collected, the business or commercial purpose for collecting or selling the data, categories of third parties with whom we share personal data and specific sets of personal data we collected about you;
– The right to delete personal data. You can request the deletion of your personal data that we have collected in the past 12 months.
– The right not to be discriminated against. You have the right not to be discriminated against for exercising any of your CCPA rights, including by denying goods or services to you or charging different prices or rates for goods or services.

8. International data transfers
Information we collect from you may be transferred to and processed in countries other than your country of residence, including the United States, in accordance with applicable law. By providing us with your information, you acknowledge any such transfer and processing.
If you live in the European Economic Area (EEA) or the United Kingdom, please note that, if we transfer your information outside the EEA or UK for processing, we will take appropriate measures to ensure that such processing complies with this Privacy Policy and your information is otherwise adequately protected. The measures we undertake include signing Standard Contractual Clauses in accordance with the GDPR and other data protection laws to govern the transfers of such data.

9. Data security
Securing and safeguarding your data is our utmost priority. We implement robust security measures to safeguard your personal data, in line with our obligations and the instructions of your Telecare Service Provider. We employ a set of mechanisms designed to protect all data we collect, process and store. However, while our data handling practices are fully compliant with the most stringent cyber security, data privacy and data protection regulations, security risk is inherent in what we do and thus we cannot guarantee complete security of your information. To learn more about our data security practices, contact us below and we will send you our Data Security Policy.

10. Children
Our Services are not directed to, and we do not knowingly collect personal information from, anyone under the age of 16. If we learn that we have collected personal information of a child without the consent of the child’s parent or guardian, we will delete it. Please contact us below if you believe we have inadvertently collected your child’s personal information so we can delete it.

11. Change to this privacy policy
We may amend this Privacy Policy at any time by posting the amended version on our Website and indicating the effective date of the amended version. We will announce any material changes to this Privacy Policy via email if we have your email address.

12. How to contact us
Your privacy is important to us. If you have any questions about this Privacy Policy or our privacy practices or would like to exercise your rights granted by this Privacy Policy or by operation of the law, contact us below or email us at dpo@telecomdesign.com or by contacting directly your Telecare Service Provider.