Where the User is a Local Physician requesting a Second Opinion, or a Patient Representative, they expressly guarantee Medical Second Opinion Ltd. that they can provide the Patient’s health data for the processing intended by this Website and our Platform (including the transfer of the Patient’s data including health data to the hospitals and Medical Professionals that will provide the Second Opinion) either under the “previous authorization” of the Patient or under the “vital interest” of the Patient.
As a consequence, where a Local Physician or Patient Representative provides us with Patient information, he/she shall be responsible to inform the Patient of the processing of his/her personal data (particularly, his/her health data) by Medical Second Opinion Ltd. by this Website and Platform. Therefore, the Local Physician or Patient Representative also guarantees that he/she obtained the appropriate prior specific authorization from the Patient to do so, unless there is one of the exceptions set out in section 2.2. of this Privacy Policy for Patients, Patient Representatives and Local Physicians and where Medical Second Opinion Ltd. is not obliged to inform the Patient.
When Users are registered on our Platform and have a user account for the use of our Online Services (an “Account” as detailed in the Terms & Conditions), we process the following personal data as data controller: title, name, date of birth, gender, country of residence, e-mail address, hospital/practice if a Local Physician creates the account, IP address, as well as your access data.
After completing the registration form and once the User Account has been created, a User becomes a User of Medical Second Opinion Ltd. We process the data of your User Account solely for operating your Account and the provision of our Online Services. This data processing is therefore necessary for the fulfilment of our (pre)contractual obligations.
We store data in connection with your registration and your User Account either until the end of your client relationship with us, or beyond that until the expiry of the respective legal retention periods (usually no longer than a time period of 7 years).
When Users request a Second Opinion via our platform, we process the following personal data as data controller: name, date of birth, city, country, language, gender, diagnosis of the Patient, information on prior treatments and stage of disease of the Patient, date of first diagnosis of the Patient, and reason for the Second Opinion (if applicable, the data of the Local Physician or Patient Representative).
In the event that Local Physicians or Patient Representatives share information about a Patient with a Medical Professional (at the hospitals providing Second Opinions) and translators (to translate the medical records) in order to obtain a Second Opinion, the Patient must have given his/her prior informed consent in accordance with article 14 GDPR given that such information cannot be completely anonymized. In case the sharing of data is necessary for the vital interests of the Patient, the User will guarantee Medical Second Opinion Ltd. to have previously informed the Patient and/or his/her legal representative of any and all processing carried out by Medical Second Opinion Ltd. through the Platform and Website, in accordance with the contracted Online Services.
Following the request for a Second Opinion, Medical Professionals of cooperating hospitals providing Second Opinions to the patient through our Website become independent data controllers upon data transfer and will draft and share the requested Second Opinion so that the requester can access it. In this case, we process the following details of the Second Opinion: name and location of the Patient (if applicable, name and location of the Local Physician or Patient Representative), date of the Second Opinion request, date the Second Opinion was completed, hospital which completed the consult, and modifications of the diagnosis/treatment/management based on the Second Opinion.
The data processing is necessary for the fulfilment of our (pre)contractual obligations. Further, the processing of special categories of personal data (e.g. health data) is based on the same legal basis as mentioned in the second paragraph of section 2.2 above.
Depending on who requests the Second Opinion, we receive the personal data either directly from you (or if applicable, from the Patient Representative or Local Physicians). Further, the data within the Second Opinion results from cooperating hospitals/physicians in the USA.
All our data processors process the personal data only on our behalf and on the basis of our instructions so that we can provide Users with our Online Services.
Recipient | Categories of personal data transferred | Purposes | url |
---|---|---|---|
Massachusetts General Hospital, Brigham&Women’s Hospital, Dana Farber Cancer Institute and others (through Mass General Brigham) | Medical records, information and data, including, as the case may be, pathology specimens, radiological images, laboratory results/reports, an English translation of all relevant records, and Client consent (collectively, the “Medical Record”) | Access to medical records to perform activities (provide medical second opinions) | https://poso.partners.org/Terms/PrivacyPolicy https://poso.partners.org/Terms/TermsOfUse |
Boston Children’s Hospital (through Summus Global) | “Medical Records” | Access to medical records to perform activities (provide medical second opinions) | https://www.summusglobal.com/Privacy |
UCLA Health | “Medical records” | Access to medical records to perform activities (provide medical second opinions) | https://www.uclahealth.org/privacy-notice |
Affinity Ltd.
Królowej Jadwigi 43, 61-871 Poznań, Poland
Electronic address: gdpr.representative@affinity-group.pl
We comply with appropriate technical and organizational security measures pursuant to Art 32 GDPR, considering the risks, to guarantee an appropriate data protection level, especially to protect the personal data against accidental or unlawful destruction, alteration or against loss and against unauthorized disclosure or unauthorized access. Our security measures include:
We may amend this Privacy Policy from time to time in accordance with article 1.6 and 1.7. of Terms and Conditions available on our Website.
In the following sections you will be informed which personal data we potentially collect, process and use when you use our Online Services.
When you fill out the contact form on our Website and send your enquiry or establish contact with us via phone call, postal mail, e-mail or through other electronic channels, we process (as a data controller) the data you voluntarily provided us with (name, e-mail address, nature of the enquiry, the subject of your message and the content of your message).
We process the data provided within the course of contacting us solely for processing your enquiry, to get in contact with you if desired and to provide you with the requested information. This data processing is therefore necessary for answering your enquiry, based on our legitimate interest, your consent, and for the fulfilment of our (pre)contractual obligations. Therefore, as soon as these purposes are completed, we erase your data.
Based on your consent declaration, we also collect and process the following data about your use and interaction with our Website and Online Services: IP-address of your device, the used internet browser, the browser language, your operating system, the requested files from our Website, your settings regarding Java, screen resolution, color depth, your click behavior on the Website (time of access, clicks) as well as the internet site from which you visit us (referral URL).
This data is generally collected through cookies (see our Cookie Policy). We use this usage data for (i) web analysis, (ii) improvements to our Online Services and our Website and (iii) increasing usability. This data processing occurs on the basis of your consent to the use of cookies on our Website. You can withdraw this consent at any time (e.g. through your browser settings regarding cookies) with effect for the future and free of charge.
On the basis of your consent declaration (obtained through the double opt- in process, which means that after registering for the newsletter you receive an e-mail in which you are asked to confirm your registration), we process the personal data that you provided us with voluntarily in the course of the registration for the newsletter (your e-mail address) in order to send you e-mail newsletters about our platform, current projects, marketing and product information.
You can withdraw your consent to the receipt of our newsletter at any time (e.g. via e-mail to info@globalsecondopinion.com) or through the unsubscribe link in our e-mail newsletters) with effect for the future and free of charge. After receipt of your withdrawal, we will cease to send you e-mail newsletters and erase your personal data from the mailing list.
Provided that you have only registered for our newsletter (therefore, when you have not requested from us a second opinionfrom us), we store your data until the withdrawal of your consent and beyond that for a maximum of three years in order to demonstrate compliance with data protection and e-commerce regulations.
When you register on our Platform and create a user account (“Account”, as defined in section 2 of the Terms & Conditions) for the use of our Online Services, we process your personal data in accordance with our Privacy Policy for Patient Representatives and Local Physicians.
When you request a Second Opinion via our Website and Online Services, we process your personal data according to our Privacy Policy for Patients, Patient Representatives and Local Physicians.
We collect and process the following data when you use our Website and Online Services, which means accessing the corresponding server which contains the specifically requested service (so called server log files): name of the accessed site, file, date and time of access, transmitted quantity of data, server status codes, username, processing time, browser and client type alongside the version, your operating system, referrer URL (the previously visited site), IP-address and the requesting provider, reverse DNS, location data, connection data, source and target (network discovery or address, port numbers, protocol, e-mail address, e-mail subject, connecting server, protocol details, reputation data, reverse DNS, obvious labelling, connected servers), authentication details and e-mail meta information.
This data is generated automatically through our servers when you use our services and is necessary so that we can provide you with the desired services. We therefore process server log files solely to be able to operate our Website and the connected Online Services, to identify you as a user authorized to access, to distribute web server requests in our server pool as well as for security reasons (e.g. for clarification of abusive and fraudulent activities). Thus, this data processing activity is necessary to ensure our legitimate interests in operating a user friendly and secure Website.
Without prejudice to defend our eventual liabilities as stated below , we generally store this data for 500 days since your access data and log files were collected before erasing them.
Within our Online Services, we use further services and contents of third party providers to incorporate their contents and services on the basis of our legitimate interests in the provision, optimization and economical operation of our Online Services. This regularly requires that the third parties of these contents receive the IP address of the user as they are not able to send the requested contents to the right browser without the IP address. The IP address is therefore necessary for the display of these contents and the use of the embedded services.
Specifically, we have utilized the following services and contents of third parties in our Online Services: Stripe, Google Analytics, DeepL, mailchimp and HubSpot.
All our data processors process your data only on our behalf and on the basis of our instructions so that we can provide you with our Online Services.
Recipient | Categories of personal data transferred | Purposes | url |
---|---|---|---|
Massachusetts General Hospital, Brigham&Women’s Hospital, Dana Farber Cancer Institute and others (through Mass General Brigham) | Medical records, information and data, including, as the case may be, pathology specimens, radiological images, laboratory results/reports, an English translation of all relevant records, and Client consent (collectively, the “Medical Record”) | Access to medical records to perform activities (provide medical second opinions) | https://poso.partners.org/Terms/PrivacyPolicy https://poso.partners.org/Terms/TermsOfUse |
Boston Children’s Hospital (through Summus Global) | “Medical Records” | Access to medical records to perform activities (provide medical second opinions) | https://www.summusglobal.com/Privacy |
UCLA Health | “Medical records” | Access to medical records to perform activities (provide medical second opinions) | https://www.uclahealth.org/privacy-notice |
Konrad Bednarowski
Affinity Ltd.
Królowej Jadwigi 43, 61-871 Poznań, Poland
Electronic address: gdpr.representative@affinity-group.pl
We comply with appropriate technical and organizational security measures pursuant to Art 32 GDPR to, considering the risks, guarantee an appropriate data protection level, especially to protect the personal data against accidental or unlawful destruction, alteration or against loss and against unauthorized disclosure or unauthorized access. Our security measures include:
We may amend this Privacy Policy from time to time in accordance with article 1.6 and 1.7. of Terms and Conditions available on our Website.
DETAILS OF THE COMPANY
Company: Medical Second Opinion Ltd.
Location of principal office: 37 Perry St. #1, 02445 Brookline, MA USA
Email: info@globalsecondopinion.com
Company Registration:
The Commonwealth of Massachusetts, ID number: 001390930
Delaware SR#20195708364
EIN: 84-2038100
Objective of the Company: Medical advice intermediation platform
Thank you for using the Global Second Opinion Platform. By visiting or using the Platform (as defined below) you (“you”, “your”, “User/s”) accept and agree to be bound by the following Terms and Conditions (“Terms”) and any applicable terms, conditions, policies, notices and operating rules contained or referenced in this document or on the Platform in full (collectively the “Agreement”). We may ask you to expressly agree to these Terms if you register an account on our Platform or use any product or service. If you are entering into this Agreement on behalf of a company or other legal entity, you confirm that you have the authority to bind such entity to these Terms, in which case the terms “you”, “your” or “User/s” shall refer to such entity. If you do not have such authority, or if you do not agree with these Terms, you must not accept this Agreement and may not visit or use the Platform.
This content may include texts and images and shall only include data and medical records that are relevant for the Second Opinion (“User Content”).
Where the User is a Local Physician or a Patient Representativeof the Patient requesting a Second Opinion, he/she expressly guarantees Medical Second Opinion Ltd. that they can give us the Patient’s health data for the processing intended under this Website and our Platform either with authorization of the Patient, under applicable law, or under the vital interest of the Patient.
may be deleted by us from the Platform with advance notice sent to you via e-mail at least 14 days prior to the deletion. Second Opinions and translations of User Content may also be deleted from the Platform with 14-days advance notice but no sooner than 6 months after they were delivered to you through the Platform.
to the e-mail, phone number or mailing address provided by you.
This Cookie Policy is part of our General Privacy Policy and our Privacy Policy for Patients, Patient Representatives and Local Physicians, and explains the use of cookies by our Website http://www.globalsecondopinion.com/. The following information about the use of cookies is provided by Medical Second Opinion Ltd. (“we”, “us” or “our”) as owner of the Website.
Cookie | Provider | Type | Purpose | Retention |
---|---|---|---|---|
secondopcookie | Medical Second Opinion Ltd. | Necessary | showing banner | 2 days |
Cookie | Provider | Type | Purpose | Retention |
---|---|---|---|---|
ga | Google Analytics | Tracking | tracking | 2 years |
Our website uses functions of the web analytics service Google Analytics by Google Inc. ("Google"), member of Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). This analysis tool uses cookies to collect standard log information and to enable analysis of the use of the website in an aggregate form. The information about your use of this website covered by the Google Analytics cookies may be transferred to Google server (usually in the US or in other countries outside the EU) and stored there. Since we respect the privacy of our users, we process only anonymized IP addresses.
We also use the analyzing function of Universal Analytics, in order to obtain information about the use of our services on different devices ("Cross Device"). We use solely cookie which prior pseudonymizes user ID without processing personal data and does not transfer such personal data to Google. The data collection and storage can be objected at any time with effect for the future by deactivating the cross-device user analysis in your account.
More information on Universal Analytics can be found here:
https://support.google.com/analytics/answer/2838718?hl=de&ref_topic=6010376
The following information is collected by Google Analytics: anonymized IP address, browser, device type, device model, country, service provider, monitor resolution (on a mobile device), dwell time, language, operating system, visited pages on the website. Google will use this information, in particular to evaluate the use of the website users, compiling reports on website activity. Google may also transfer this information to third parties where required by law or third parties process this data on behalf of Google. If you want to opt out on Google Analytics, you can download and install the following plugin:
User data is stored indefinitely or until you request deletion of your data. Google will then as soon as possible and in any case within 180 days delete the data.
Google uses the DoubleClick cookie on Google's advertising network sites and certain Google services to help AdWords customers and publishers serve and manage ads on the web. When you visit a website and display or click on an ad placed through Google Advertising Network websites, a DoubleClick cookie may be placed in your browser. The DoubleClick cookie identifier associated with your browser is the same identifier used when you visit websites that use DoubleClick adware. If your browser already has a DoubleClick cookie, no additional DoubleClick cookies should be placed. For more information about the use of DoubleClick cookies in connection with DoubleClick's advertising program, please see the DoubleClick Privacy FAQ:
On our websites we use the Google Tag Manager. This service allows website tags to be managed via an interface. Google Tag Manager does not collect any personal data.
This website uses the remarketing technology of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). This technology enables users who have already visited our websites and online services and are interested in the service to be addressed again through targeted advertising on the pages of the Google Partner Network. The insertion of advertising takes place through the use of cookies, which are small text files that are stored on the user's computer. The text files can be used to analyse user behaviour when visiting the website and then be used for targeted product recommendations and interest-based advertising.
If you do not wish to receive interest-based advertising, you may opt-out of Google's use of cookies for this purpose by visiting the site:
Alternatively, users can deactivate the use of third-party cookies by going to the Network Advertising Initiative deactivation page.
By consenting to the use of cookies via our cookie banner, you consent to the processing of data about you by Google in the manner and for the purposes set out above. Please note that Google has its own privacy policies, which are independent of ours. We assume no responsibility or liability for these policies and procedures. Please read Google's privacy policy before using our website.
Here you will find the relevant privacy policy of Google Inc.:
Notwithstanding the former information and the strictly necessary cookies to provide the services, you have the possibility to configure your browser to be warned of the use of cookies and prevent their installation on your device. However, disabling cookies may affect the proper functioning of certain sections of the Website.
Likewise, you have the possibility to revoke at any time the consent given by you for the use of cookies, without this affecting the unlawfulness of the processing based on your consent prior to your withdrawal. You can do this by configuring your browser for this purpose in the terms set out in the previous point.
Please consult the instructions and manuals of your browser for further information: