Thirona Privacy Statement
Thirona is dedicated to protect the personal data and privacy rights of visitors to our website and persons contacting us for business purposes. This statement refers to personal data as defined in the General Data Protection Regulations (GDPR). Personal data is information which can be referred to any living person. Thirona ensures your personal data is processed conform the GDPR.
Thirona is a high-tech company. Our focus is on development and marketing of automated analysis tools for medical images. Since our establishment in 2014, we have developed software products focusing on the analysis of thoracic CT scans (LungQ), chest X-rays (CAD4TB), and retinal images (RetCAD). Our products use state-of-the-art image processing techniques such as deep learning. Thirona has also developed a cloud solution as a service for its products based on AWS. Thirona is ISO 13485 compliant. All our products have obtained CE certification and are actively used all over the world.
Thirona is located in Nijmegen, the Netherlands.
This website – www.thirona.eu – may contain links to and from other websites. This statement applies only to Thirona and its website. If you visit other website by clicking links on this website, please read the privacy statement of the site you are visiting, to know how your personal data is processed. If you visit our website through a link on another website, we may receive information from that website. Please read their privacy statement to find out if this is the case.
Thirona is responsible for all decisions related to data processing according the GDPR, meaning Thirona decides what information is processed and why. Thirona ensures the personal data is processed in accordance with the GDPR.
Thirona uses the information you provide for several purposes based upon the reason for you to contact us. Upon your request, for instance by using our contact form, we provide quotations, information, make telephone contact or respond to you in any other way you desire. We may also use personal data you provide us to maintain a business relationship with you after your first enquiry. By using our contact form, your name and e-mail address are sent to us to contact you. Depending on the nature of your enquiry your data is stored. After the contact or our business relation ends, the information is deleted or stored for an agreed period of time.
Security of personal data
In case your personal data is stored for the abovementioned reasons, please note we have taken technical and organisational measures to protect your data. Employees of Thirona are aware of this privacy statement and their role in it. Thirona ensures to prevent loss, misuse or alteration of your personal data. All personal data within Thirona is stored on secured and encrypted servers. Servers, computers and mobile phones are password protected.
Cookies and statistics
Most commonly used browsers give you the option of rejecting cookies. Blocking cookies may have a negative impact on the usability of websites. Please look into the privacy settings of your browser to adjust them in case you desire to.
Below information is gathered by Google Analytics and is stored for 60 days. Data will be automatically deleted after this period. To Thirona this information is anonymous.
– Location (country)
– Pages visited and times of their visits
– Links used to access our website
– User agents (used browser, operating system, language settings, type of device, etc).
– In case an IP address is stored, Google Analytics only sees an IP address of which the last two octets of are anonymised. For example, it will appear as “192. 125. xxx. xxx. xxx.”. This way, your exact location can never be tracked by Thirona.
Google may share your personal data in case this is demanded by law, or in case a sub processor processes your data.
Legal basis for processing of data
In case of a business contract between Thirona and another party, the processing of data is contractual. In case of requested contact the basis is consent.
Thirona maintains the mandatory register of all personal data processing activities.
Through agreeing to this privacy notice you are consenting to Thirona processing your personal data for the purposes explained. You can withdraw consent at any time by emailing email@example.com.
Thirona will process personal data during the duration of any contract and will continue to store only the personal data needed for a maximum of 18 months after the contract has expired to meet any legal obligations. Financial transactions and data will be stored for the fiscal term of 7 years.
Data is held using protected and encrypted cloud servers.
Your rights as a data subject
At any given time whilst processing your data, you have the following rights:
• Right of access – you have the right to request a copy of the information that we hold about you.
• Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
• Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
• Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
• Right of portability – you have the right to have the data we hold about you transferred to another organisation.
• Right to object – you have the right to object to certain types of processing such as direct marketing.
• Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
In the event that Thirona refuses your request, we will provide you with a reason for refusing. You have the right to legally challenge our decision.
At your request Thirona will provide what data is held and how it is processed.
After presenting valid identification, you can request the following information:
• Identity and the contact details of the person or organisation that has determined how and why to process your data.
• Contact details of the data protection officer, where applicable.
• The purpose of the processing as well as the legal basis for processing.
• The categories of personal data which is collected, stored and processed.
• Recipient(s) or categories of recipients that the data is/will be disclosed to.
• How long the data will be stored.
• Details of your rights to correct, erase, restrict or object to such processing.
• Information about your right to withdraw consent at any time.
• How to file a complaint with the appropriate authority.
• Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
• The source of personal data if it wasn’t collected directly from you.
• Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
To access what Personal data is held, identification will be required
Thirona accepts the following forms of ID when information on your personal data is requested:
A valid ID-card, passport or driver’s license. If we believe the ID document is of poor quality, we will seek further information before personal data can be given.
After a request, please take note processing your request may take up to 1 week (5 working days).
All requests should be made to firstname.lastname@example.org
If you wish to file a complaint about how Thirona handles your personal data, please direct your complaint to the COO of Thirona, Eva van Rikxoort at email@example.com. Your complaint will be handled within 2 weeks of receipt.