This page explains why and how Rosa processes personal information about health professionals and patients. “Rosa” is Rosa ASBL, a non-profit organization established at Cantersteen 10, 1000 Brussels, with enterprise number 0745.832.604.
To communicate with Rosa about processing of personal information or if to exercise your rights concerning personal information, please send an email to email@example.com.
Rosa helps health professionals and patients to exchange information in a confidential, secure and trusted environment. We have no other ambitions and we do not use personal data for other motives.
Rosa has the ambition to give its users the control over their information. Over time, we will add functionalities to our applications to let you access more information and decide what to do with it, with whom you want to share it, etc.
Rosa describes everything it does with personal information of health professionals and patients in this document. If something is not here, it means we don’t do it.
The data processing activities of Rosa are divided into two categories. This distinction has an important impact, because it determines who exercises the main control over, and is ultimately responsible for, the processing activity in question. This also determines who to contact if you have questions or requests about certain personal information.
All individual data processing activities carried out by Rosa are described in the next sections.
Rosa processes public profile data when a health professional chooses to create, fill in and publish a public profile. Public profile data contains:
Public profile data contains information about health professionals.
Public profile data is processed by Rosa under the responsibility of the health professionals, for the purpose of achieving their legitimate interests (communicating their professional details and allowing their patients to book appointments)
Rosa processes patient files data when a health professional creates or modifies a file concerning a patient. Patient files contain:
Patient files data contain information about patients.
Patient files data is processed by Rosa under the responsibility of the health professionals, for the purpose of providing health services to their patient.
Rosa processes information about appointments when a patient books an appointment online or when a health professional creates an appointment in their online calendar. For each appointment, Rosa may store the following information:
Appointments data contain information about patients and health professionals.
Appointments data is processed by Rosa under the responsibility of the health professionals, for the purpose of providing health services to their patient.
Rosa processes SMS reminders data when a health professional activates that option to send reminders to their patients before a planned appointment. The information processed for this purpose is reused from the appointment data. For each reminder, Rosa processes the following information:
SMS reminders data contain information about patients and health professionals.
SMS reminders data is processed by Rosa under the responsibility of the health professionals, for the purpose of providing health services to their patient.
When a user creates an account for the online calendar application or online appointment booking application, Rosa collects or generates the following information:
User and account management data contain information about all users of the who have created an account.
Rosa processes user and account management data because it is necessary for the performance of its contracts with its users.
For each customer, Rosa collects and processes information to set up and manage the contract, to communicate with the customer and (if relevant), to process invoices and payments. Customer data contains the following information:
Customer data contain information about the customers of Rosa.
Rosa processes customer data because it is necessary for the performance of its contracts with its customers, to meet its legal obligation and to communicate with its customers.
Rosa collects anonymous and aggregated data to generate statistics about the visits of its website and the usage of its applications. Usage statistics contain information about:
Usage statistics contain information about the visitors of the website of Rosa and the users of the applications of Rosa.
Rosa processes usage statistics for the development of its products and services, and for the improvement of its operations, which are legitimate interests.
All individuals have the right to:
To exercise these rights, the individuals should contact the following person(s):The relevant health professional if the request concerns information that Rosa processes for health professionals; Rosa (at the address mentioned at the beginning of this page) if the request concerns information that Rosa processes for its own needs.
The Belgian Data Protection Authority is the regulatory agency in charge of data protection in Belgium. It is competent to handle individual complaints about the processing of personal information. More information about data protection regulations and how to file a complaint can be found on this website.
Rosa relies on services provided by other companies to perform its data processing activities. These companies may be considered as “sub-processors” under the applicable privacy laws.
Rosa must implement appropriate security measures to protect the personal data covered by this agreement against unauthorized access, modification or destruction. Rosa relies on technologies or services of its subcontractors for parts of these measures.
Rosa must evaluate these security measures regularly and adapt them if needed, to take into account the evolutions of the risks, the technology and the costs associated with these measures.