Last Revised: March 12, 2020
BFC Technology Ltd. (“BFC”, “Company” “we” or “us”) respect the privacy of the users of our website at: https://bfctech.life (the “Site”), our social network (the “Network”), and our mobile application (the “App” and together with the Network and the Site – the “Service”), and are committed to protect the personal information that users share with us in connection with the use of the Service.
BFC is an Israeli company which located at Bnei Atarot, Israel.
1. Legal Basis for collection and Use of Personal Information
- With your consent: We ask for your agreement to process your information for specific purposes and you have the right to withdraw your consent at any time. For example, we ask for your consent to provide you with personalized content;
2. Which information we may collect on our Users?
We may collect three types of data and information from our Users:
- Personal Information, which is individually identifiable information, that identifies an individual or may with reasonable effort identify an individual, either alone or in combination with other information, or may be of private or sensitive nature; and
- Non-personal Information, which is non-identifying and non-identifiable information, without particular reference to the identity of the User from which such information was collected.
- Healthcare Information, is any medical information, including diagnosis, treatment, prescription, device, therapy, test, result, counseling, laboratory and any other information related to services or supplies related to your health. Provision of healthcare information is purely voluntary and is not needed for the use of this Services.
For the avoidance of doubt, any Non-personal Information and/or Healthcare Information connected or linked to any Personal Information shall be deemed as Personal Information as long as such connection or linkage exists.
Information which is being gathered in connection with the Service may consist of the following:
· If a User registers to the Service (via the App or Site), such User will be required to choose whether the User is a patient, family member or a friend of a patient, a medical staff member or any other person, select a relevant status and status subtype, add a nickname. Thereafter, User may voluntarily provide, but is under no obligation to provide, Username, User’s country, gender, date of birth, background disease, picture, e-mail address, and other details about medical status.
· Moreover, in order to use the Service, the User may provide voluntarily additional Personal Information, such as the User’s address, geo-location, family member names who are also Users, User’s mobile phone address book and contacts (to share the App and invite User’s friends to the Network), information collected from other Users regarding their Personal Information and medical information through using the Service (or parts thereof including via the chat, comments, posts, or sharing ), and other information the User may voluntarily provide while registering to and using the Service or while logged-in to his/her Account.
· You may also choose to provide Healthcare Information such as blood and other test results, Radiology images, therapist summaries, medical history, medical institutions visited, doctor appointments, specific diets you are on, medications and other supplements and vitamins you consume, etc.
· As the User enters and/or uses the Service, he/she may automatically provide us with his/her IP address or other persistent user and/or mobile device token (as applicable), which is used mainly for enhancing the User’s experience and for geolocation, personalization and security purposes, as further detailed below.
· The User of the Service may also automatically provide us with certain technical Non-personal Information and aggregated usage information, such as the User’s device type, operating system, browser type and version, screen resolution, browser and keyboard language, the User’s ‘click-stream’ and activities on the Service, the period of time the User visited the Service and related time stamps, etc.
Please note that to use the Service, you must at least provide such information that is clearly marked as “Required” (such as: user type, nickname, etc.), while any other information may be withheld or provided by you voluntarily and at your discretion, however it may help us improve the accuracy and reliability of our Service, and your overall experience from using the Service. You hereby agree and acknowledge that any Personal or Health Information is provided at Your own free will and pursuant to these privacy practices.
3. How do we collect Information on our Users?
We use the following methods of collection:
a. We collect Non-personal Information through your use of the Service. In other words, we may be aware of your use of the Service, and may gather, collect and record the information relating to such usage, either independently or through the help of third-party services as detailed below. We may also collect Non-personal Information through the processing, analysis and anonymization of Personal Information provided by you.
b. We collect Personal and Health Information which you provide us voluntarily. For example, we collect Personal Information in the course of your use of the Service, including when you register and open an Account on the Network by completing the registration form, when you provide us additional information during your use of the Service, or when you contact us directly.
We store the Non-personal and Personal and Health Information either independently or with the help of our authorized third-party service providers as detailed below.
4. What are the Purposes of the Collection of Information?
We collect the above mention information, using advanced technics, in order to provide and operate the Service, and to give our Users information to use as applicable; to study the Information, for personalized services, notifications, and to enable the sharing of User’s public posts with other users having similar interests/characteristics; to use on an aggregated, statistical basis to discover patterns and anomalies; to enable us to further develop, customize and improve the Service based on Users’ common preferences, uses, attributes and anonymized data; to enable us to provide our Users with a better user experience, with more relevant and accurate information, services, third party services, features and functionalities, statistical and research purposes.
We may share aggregated data (such as statistics about common metastasizes) and anonymized User’s public posts with third parties for research purposes and to discover patterns and anomalies regarding such things as complications and treatment issues or to help to develop better treatments and potentially manage complications or for other purposes. If required by any applicable laws, FDA regulations or other obligations, we may share information about adverse events or product problems provided voluntarily by Users. We will not share any identifying information regarding any particular User without such User prior consent.
5. Where Do We Store Personal Information?
Information regarding the Users will be maintained, processed and stored by BFC and our authorized affiliates and service providers in the USA and in Israel, and as necessary, in secured cloud storage, provided by our third party service provider.
You hereby accept the place of storage and the transfer of information as described above.
For more information regarding this compliance, you can visit the following links:
6. Sharing Information with Third Parties
For avoidance of doubt, BFC may transfer and disclose to third parties or otherwise use Non-personal Information at its own discretion.
7. Modification or Deletion of Personal Information
BFC will maintain your Personal and Health Information as long as you are using our Services. If for any reason you wish to modify, update, revise and/or delete your Personal or Health Information stored with us and identifies you, you may do so on the Service by editing your information on your Account, or by deleting your Account from the Service, in which case we will delete any such Personal Information pursuant to any applicable privacy laws. Note that we may retain your Personal Information for a minimum period required to provide the Services. We will also retain your personal information as necessary to comply with our legal obligations, to resolve disputes, to prevent fraud and abuse, to enforce our agreements and/or protect our legitimate interests.
If you would like, we can provide you all your personal information which you provided to us in a structured, commonly used and machine-readable format. To do so, see our contact information below.
To use the Service, you must be over the age of eighteen (18). BFC does not knowingly collect Personal Information from children under the age of eighteen (18), unless such Personal Information was provided by the User’s family member who is over the age of eighteen (18) and has all of the required consents, approvals, and rights to upload Personal Information on the minor’s behalf. We reserve the right to request proof of age at any stage so that we can verify that minors under the age of eighteen (18) are not using the Service. In the event that it comes to our knowledge that a person under the age of eighteen (18) is using the Service, we reserve the right to prohibit and block such User from accessing the Service.
9. Cookies & Local Storage
A cookie is a small data file that a website saves on your computer or mobile device when you visit the website. Cookies are widely used for record-keeping purposes in order to make website work, or work more efficiently, as well as to provide information to the owners of the website.
Like many Websites and applications, when you access or use the Service, we may use industry-wide technologies such as “cookies” or similar technologies, which stores certain information on your computer (“Local Storage”) and which will allow us to enable automatic activation of certain features and make your Service experience much more convenient and effortless. It is easy to prohibit the Local Storage, erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored, by instructing your browser or device and changing its options. However, if you block or erase cookies your online experience may be limited.
We may also use certain third-party cookies. These are a different kind of cookies, stored on your computer by third parties, rather than by us. This kind of cookie is read-only each time you visit the Service, and also when you visit certain websites or applications that use similar cookies. Third-party cookies usually store only a Non-personal Information, such as the web pages you have visited, the duration of your browsing, etc. For more information regarding those third-party read section 12.
10. Direct Marketing
You hereby agree that we may use your contact details for the purpose of informing you regarding our products and services (which may interest you, and to send to you other marketing material, including news, updates and relevant medical data) transmitted to the e-mail address or phone number you have provided or by displaying you this information on the Application to you.
You may withdraw your consent via sending a written notice to BFC by email to the following address: email@example.com.
Please note that BFC may also contact you with important information regarding our Services. For example, we may notify you (through any of the means available to us) of changes or updates to our Services, payment issues, service maintenance, etc. You will not be able to opt-out of receive such service messages.
We take a great care in implementing and maintaining the security of the Service, and our Users’ Personal Information. The Personal Information, or parts thereof, is hosted on KNOWNHOST or AMAZON, which provides advanced security features. BFC employs industry standard procedures and policies to ensure the safety of its Users’ Personal Information, and prevent unauthorized use of any such information, including encryption, Secure Socket Layer (SSL) and Transport Layer Security (TLS). However, we do not and cannot guarantee that unauthorized access will never occur.
We recommend using the strongest password combination available on your mobile device to protect unauthorized access to your mobile device.
12. Transfer of Your Information / Third Party Software/Service
BFC has partnered with a number of selected service providers, whose services and solutions complement, facilitate and enhance our own. These include hosting, database and server co-location services (such as AWS, Knownhost), data and cyber security services (such as Cloudflare), Payment Processors (such as Apple Pay, Google Pay), data analytics services (such as Facebook Analytics, Google Analytics), App analytics tools including session replay records for usability and functionality monitoring and analysis (such as: Crashlytics, Zohodesk), services of measuring our Services attribution and effectivity of our publication and marketing efforts (such as: Appsflyer), e-mail and SMS distribution and monitoring services (such as Mailchimp, Twilio), and our business, legal and financial advisors (collectively, “Third Party Services“). Such Third Party Services may receive or otherwise have access to our Users’ personal information, depending on each of their particular roles and purposes in facilitating and enhancing our Services and business, and may only use it for such purposes. We, as the controller of the information collected from its Users in connection with the use of the Services, use reasonable effort to review the personal information processing practicing done by Third Party Services on our behalf, and to the extent required under applicable law we are responsible for such processing to the extent that it is not outside of our reasonable control. By providing such information, you expressly consent to such transfer and use, including transfers outside of the jurisdiction in which the information was provided.
If you are located in the EU please see also section 16.
13. Third Party Websites
15. Compliance with USA Privacy Regulations
BFC is not a Covered Entity or Business Associate of any Covered Entity. According, any Healthcare Information you provide voluntarily is not protected by the Health Insurance Portability and Accountability Act of 1996, and regulations promulgated there-under, including the Standards for Security and Privacy of Individually Identifiable Health Information at 45 Code of Federal Regulations Parts 160 through 164 (“Privacy and Security Regulations”), as amended from time to time, in addition to the Health Information Technology for Economic and Clinical Health Act, enacted as part of the American Recovery and Reinvestment Act of 2009, Public Law 111-005. Moreover, this social networking application is not a Medical Device, and thereby is not regulated by the Federal Food, Drug & Cosmetic Act.
16. Compliance with European Privacy Regulation
BFC is compliant with the European General Data Protection Regulation (GDPR) and therefore maintain your rights according to the GDPR. If you consider that your rights under the GDPR are infringed, you can contact us as describe below. You also have the right to lodge a complaint with a supervisory authority.
We shall not use and process your Personal Information in order to target advertisement to you. However, as mentioned above we customized our services to you according to the collected information. It means that by indicating your type of disease and providing certain Health Information and Personal Information, we offer you to participate in groups which are relevant to you and you are able to join additional groups according to your interests and get from time to time a relevant query that you may voluntarily answer.
If you are located in the EU, you have a right to request further information regarding the data transfer mechanisms used by us with respect to data transfers to third countries and to international organizations.
In case that your data will be stored outside the EU, we will apply strict safeguards which may include the following:
- Transferring your personal information to countries approved by the European Commission as having adequate data protection laws, such as Israel;
- Entering into standard contracts that have been approved by the European Commission and which provide an adequate level of high quality protection, with the recipients of your Personal Information;
- Transferring your Personal Information to organizations that are Privacy Shield Scheme certified, as approved by the European Commission.
For more information regarding to your rights according to the GDPR you can visit this link: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
17. Have any Questions?
By contacting us, you represent that you are free to do so and that you will not knowingly provide BFC with information that infringes upon third parties’ rights, including any intellectual property rights. You further acknowledge that notwithstanding anything herein to the contrary, any and all rights, including intellectual property rights in such information provided, shall belong exclusively to BFC, and BFC may use or refrain from using any such information at its sole discretion.