Privacy policy

This document informs you about privacy issues such as the collection, storage, use, and disclosure of personal information received from users of this website, and of personal information received in the course of the provided services. 

Contact

If you have any questions about this privacy policy, your data, or if you would like to exercise one of your data protection rights, please do not hesitate to contact our Data Protection Officer at: 

Adamant Health Oy
incorporated and registered in Finland under business number: 315 3572-9
c/o Terkko Health Hub, Building 14
Haartmaninkatu 4
FI-00290 Helsinki
(hereinafter: “Adamant Health”)

Data we may collect about you

If you are a website visitor, we may collect your name, email, and cookies for the purposes of providing the best website experience to you. You are asked to consent to our collection of cookies at the beginning of your visit. Even if you have consented to the collection of cookies, at any time you can and may change your cookie preferences via the settings of your internet browser.

If you are a patient, we may collect your name, date or year of birth, gender, ethnicity, nationality and identifiable health-related information from your clinician to provide your clinician a health-related analysis as part of the service.

If you are a customer, marketing contact, or job applicant, we may collect your name, contact details and relevant professional data.

If you are an employee or corporate-related member of Adamant Health this privacy statement does not apply to you. You may contact Adamant Health for the relevant privacy notice, if you have not received this information during your solicitation.

The Purpose of our data collection 

Website visitors: We look at the trend of our website visitors to understand how we can improve our online communication about our services. Some data may be visible, such as your cookies, and from where you access our website. Other information concerning website visitors, such as number of visits by a single visitor, is anonymous.

Customers: We provide our services, such as our health analysis, to our customers via a contractual partnership and keep them informed about updates on our company and services.

Patients: We use patient data to provide quality health analysis to the patient’s physician. The physician may use this information to suggest the best treatment for the patient. As the patient has provided informed consent, its data may be used for further internal processing to improve our analysis services.

Marketing contacts: We are building our network with marketing contacts to make sure updates about our company, technology and services are spread within the community.

Job applicants: We hire job applicants through tools providing recruitment features, such as LinkedIn, and via partners for the purpose of connecting and finding the right person for open positions, while ensuring validation of contacts and resumés.

How we protect your data 

We have implemented several technical and organizational measures to protect the identity of any of our data subjects.

We use only secured electronic tools, which are vetted by our Data Protection Officer, and are subject to regular review and updates. We do not make use of automatic decision-making tools concerning our services for our customers.

Within our organization, only authorized personnel are assigned to process specific types of data originating from patients, customers and marketing contacts, and employees and job applicants. All personnel, new or onboarding staff, consultants, external or technical advisers are only allowed to process data that is specifically required to fulfill their work-related purpose, after they have obtained prior authorization.

We are processing patient-related information under pseudonymized references to make sure no identifying information is or can be revealed when used for analysis or further internal quality improvement purposes.

Regularly we audit, review, update and communicate our data protection policy documentation, risk assessment, breach policy, IT systems and policies, storage and retention documentation under guidance of our Data Protection Officer together with the entire team, and we record the results in our Data Protection Records of Processing Activities.

Sharing of your data 

We only share your data with sub-processors we have carefully vetted and that are authorized by our Data Protection Officer, to assist us in providing our services, such as external electronic tools to store your data in protected clouds, or couriers.

Unless explicitly authorized to do so by a legal obligation, we do not share your personal data with any other third parties. 

Transfer of your data 

In the event Adamant Health must transfer personal identifiable information outside the European Economic Area, we will only do so under carefully implemented legal transfer requirements to fully protect the identity of the data subjects.

In no event does Adamant Health sell or transfer personal identifiable information to third parties for other purposes than the fulfillment of a contractual service.

How long do we store your data 

Data regarding website visitors, that is identifiable in some nature, shall be kept for a maximum of two years. Anonymous website data concerning visitors is not subject to data protection laws and shall be kept indefinitely. We refer to the privacy policy of our website host, Squarespace, for their privacy policy concerning website visitations.

Data regarding customers and marketing contacts, are kept for a duration of two to five years, depending on the nature of the business relationship. Each year this data will be reviewed and established if it is necessary to retain the data.

Health-related analysis data from patients will be kept internally within our company for at least ten years, pursuant National and European regulatory requirements.

Related to job applicants, resumés are kept for a duration of the interview process with a maximum of one year after closing the recruitment process for the open position. Resumés sent via other, external tools such as LinkedIn, may be kept longer by the external tool. We advise to check the privacy policy of the third party, and we refer to the privacy policy of the tools used.

How can I exercise my data protection rights?  

As a website visitor, customer, marketing contact, or job applicant, you have at all times the right to: 

  • access your data and request copies of all processing activities concerning your data;

  • rectify information concerning any data about you that you believe is inaccurate;

  • request to be forgotten, to which we can comply under certain conditions: such as when we are not following a legal obligation from a National Authority, or reasons for public interest or public health;

  • request to restrict or object to processing, to which we can comply under certain conditions, such as when we are not following a legal obligation from a National Authority, or reasons for public interest or public health;

  • request a structured, commonly used and machine-readable format to transfer the data to another controller or directly to you (portability).

As a patient, you have in principle the same rights as stated above. However, in some instances we may not be able to comply because we are not your data controller. In those instances, may you contact us and we will refer to your healthcare facility and assist your data controller to the best of our abilities.

In all instances, Adamant Health shall respond to any data subject request within the legal timeframe of 30 business days. In the event Adamant Health is unable to comply to your data subject request it shall provide a reason for why it cannot comply, for example, when the personal identifiable data has been anonymized.

Data subject requests may be subject to reasonable administration costs. In such event, Adamant Health shall clarify beforehand what costs shall be subject to the data subject request.

Complaints

Please feel free to consult us about your data protection rights at dpo (at) adamanthealth.com or any privacy matter related to you. Should you think that Adamant Health has not addressed your concerns in a satisfying manner, or you wish to report a complaint, you may contact the Data Protection Authority in Finland or in your country of residence.

Updates

This policy was last updated January 2024. Adamant Health will keep this privacy policy continuously under review and reserves the right to modify this document and advises you to regularly to consult this document for the latest updates.