Back

PRIVACY POLICY

Back

Last Updated: [23 May 2024]

Welcome, and thank you for your interest in Speclipse, Inc. (“SPECLIPSE”, “we”, “us”, or "our"), our website at (the “Site”), and all related websites, downloadable software, mobile applications, and other services provided by us (including DERMAP) and on which a link to this Privacy Policy is displayed, and all other communications with individuals though from written or oral means, such as email or phone (collectively, together with the Site, our “Service”).

This Privacy Policy (“Policy”) explains how we collect, use, disclose, and safeguard your information when you use DERMAP, in compliance with the General Data Protection Regulation (GDPR). By visiting the Site or by using the Service, you accept the terms and conditions of this Policy.

This Policy is incorporated into, and is subject to, the applicable Terms of Service and/or Terms of Use. Capitalized terms used but not defined in this Policy have the meaning given to them in these documents.

This Policy applies distinctly and generally to any Patient and Medical Professional using the Service (particularly DERMAP) (collectively “Users”).

Customer Data
It is very important that you understand that the personal information we collect from you, as a DERMAP user, is the necessary information to operate your DERMAP account and in providing you with the products or services (Customer Data). The Customer Data that we collect from you does not include health information. As a healthcare provider, you are responsible for collecting personal information, including health information from your patients (Patient Data), as well as collecting and maintaining all appropriate consents from them. As a DERMAP user, you must ensure that you have obtained consent from the relevant individual to disclose to us any health information collected by you, for the uses described in this Privacy Policy.

Patient Data
Where Patient Data (including health information) is disclosed to us by you as our customer or by a patient, it will be collected, held, used, or disclosed in accordance with SPECLIPSE‘s obligations set out in the Privacy Act and this Privacy Policy.

1. Information We Collect


We may collect and process the following types of personal data:

a) Customer Data
Categories of Personal information that we may collect from you includes (but is not limited to): name, billing and delivery address, email address, contact telephone and fax numbers and professional details such as medical license number and practice address.

b) Patient Data
We may collect the following categories of personal information in the form of Patient Data including: name, address, health id number, email, ethnic origin, skin colour, skin condition, body image, skin images, diagnosis, medical notes and other related health information.

2. How we collect personal information


a) Customer Data
The circumstances in which we may collect personal information from you include when you:

(i) register on our DERMAP service;
(ii) the company/hospital/clinic you work for creates an account and you are one of the users invited by them to join the group account;
(iii) fill out a request for information form on our website;
(iv) request to be contacted by us for further information about our services and products;
(v) complete a feedback form or product enquiry;
(vi) request support of or assistance with using our products;
(vii) participate in a promotional offer or competition;
(viii). subscribe to our newsletter or mailing list.

We may collect this information either online, directly on our platform, or in person.
If you choose not to supply us with the personal information we request, we may be unable to provide you with our products or services.

b) Patient Data
We may collect personal information in the form of Patient Data in the following circumstances:

(i) where you enter Patient Data into the DERMAP platform;
(ii) if we migrate patient data from other internal or external systems or an Electronic Medical Record with the consent of you or the patient.

c) Automatically Collected Information
When you use the Service, we may automatically record certain information from your device by using various types of technology, including cookies, “clear gifs” or “web beacons.” This automatically collected information may include IP address or other device address or ID, web browser and/or device type, the web pages or sites visited just before or just after using the Service, the pages or other content you view or interact with on the Service, and the dates and times of the visit, access, or use of the Service. We also may use these technologies to collect information regarding your interaction with email messages, such as whether you open, click on, or forward a message. You may limit the automatic collection of certain information by our Service, for instance by disabling the cookies using your browser options. Please be aware that by doing so it may prevent you from using specific features on our Service, such as maintaining an online account.

We use automatically collected information and other information collected on the Service through cookies and similar technologies to:

(i) personalize our Service, such as remembering your information so that you will not have to re-enter it during a visit or on subsequent visits;
(ii) provide customized advertisements, content, and information;
(iii) monitor and analyze the effectiveness of Service and third party marketing activities;
(iv) monitor aggregate site usage metrics such as total number of visitors and pages viewed;
(v) track your entries, submissions, and status in any promotions or other activities on the Service.

3. Why we collect, hold, use and disclose Personal Information


In order to provide our products and services and manage our customer relationships, we need to collect Data, including personal information in relation to our DERMAP users. We collect, hold, use and disclose personal information where it is reasonably necessary for us to carry out our business functions and activities, for example, in order to provide you with our products and services.
We also collect, hold, use and disclose personal information for related purposes that you would reasonably expect, including our administrative and accounting functions, providing you with information about other products and services offered by us, marketing and promotions, market research, newsletter communications, statistical collation and website traffic analysis. Where we wish to use or disclose your personal information, or personal information in the form of Patient Data for other purposes, we will obtain your consent.

We may provide you with electronic marketing messages from time to time. You may opt out of receiving electronic messages from us at any time by contacting our Privacy Officer via the contact details at the bottom of this privacy policy or by using the opt out mechanism included in our electronic marketing messages.

Personal Information collected about you is only used in order to:

(i) To verify your identity;
(ii) To provide and maintain the DERMAP service;
(iii) To manage user accounts and provide customer support;
(iv) To send invoices or statements, and collect payments from you;
(v) To improve our services based on user feedback and usage data;
(vi) To comply with legal obligations and protect our legal rights;
(vii) To notify you about existing or new products, versions, updates, services or promotions we, our related companies, or selected partner companies may offer from time to time;
(viii) To provide our customers and potential customers with an up to date, useful and personalised website and services.

We may also use the personal information we collect in order to communicate with you including notifying you of the availability of important regular data and program version updates for your recommended download and installation, and notifying you of other product, service and company news which we believe is relevant to you and your user experience. If at any time you no longer wish to be notified about new products, services or promotions, please let us know by contacting one of our Privacy Officer, whose contact details are set out below.

We may use a third party independent contractor to conduct services which we are unable to, such as internet traffic measurement, website hosting, and patient information materials. Use of such services may involve coding being placed on web pages on the DERMAP/SPECLIPSE website to enable the collection and analysis of site visitor numbers, length of visit and pages visited. The contractor may collect and collate aggregate and non-personal information which is then provided to us to assist us to provide a product or service you’ve requested, and to provide you with a better user experience.

Sometimes the information we collect from you or in relation to Patient Data may include de-identified demographic information such as age, gender, location, occupation, or interests, which is not personal information. We may use such information for our own internal business purposes or to improve our products and services. We may also disclose such de-identified information to third parties including consultants, suppliers, partners, customers or potential customers.

4. Legal Basis for Processing


We process your personal data based on the following legal grounds:

(i) Consent: You have given clear consent for us to process your personal data for specific purposes.
(ii) Contract: Processing is necessary for the performance of a contract with you.
(iii) Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject.
(iv) Legitimate Interests: Processing is necessary for our legitimate interests, such as improving our services, provided these interests are not overridden by your data protection rights.

5. Data Sharing and Disclosure


1) Your patient’s personal information collected by you

It is important that your patients are aware that we do not disclose their personal information with anyone without consent. They should be aware that you can use DERMAP to store their personal information and disclose as part of healthcare providers providing them with healthcare. Their personal information might be disclosed by you through DERMAP through your use of the DERMAP service, in accordance with the access controls you have set, or as otherwise required or authorised by law.

Patients’ personal information might also be disclosed by you (healthcare provider/DERMAP user) with:

  • the patient himself/herself;
  • his/her authorised representative(s);
  • his/her nominated representative(s) in accordance written consent;
  • registered healthcare providers and healthcare provider organisations involved in patient’s healthcare;
  • a registered healthcare provider (including individuals and organisations) in an emergency situation;
  • registered account operators if you within health organizations;
  • SPECLIPSE authorized employees to assist us in establishing and operating DERMAP. These employees are bound by strict obligations to treat individuals’ personal information with the same level of respect, privacy and security that they are entitled to from SPECLIPSE.

  • 2) Your personal information collected by us

    We will disclose personal information we hold when required to do so by law, including in response to a court order or a subpoena. We also may disclose such information in response to a law enforcement agency’s request.

    We will not disclose your personal information to partner companies for them to use for other purposes or to market their products or services to you directly, and we will endeavour to ensure that partner companies adhere to the obligations contained within the Privacy Act.

    We will not otherwise disclose personal information to third parties without your consent, except to:

    (i) contractors who provide us with services, such as call centre, billing, credit collection, hosting, help desk and support services providers, subject to confidentiality agreements;
    (ii) government, law enforcement and regulatory bodies where this is necessary for us to comply with our legal obligations;
    (iii) parties to whom we sell all or part of our business.

    We do not sell, rent or trade personal information to or with third parties.

    3) Overseas disclosure of Personal Information

    All information stored by the DERMAP platform is stored in Germany. We will not disclose or store overseas any Customer Data or Patient Data except that we may disclose Customer Data to our head office in South Korea, only for the purposes of providing you with our products or services, or for the maintenance of the DERMAP platform.

    If it is necessary for SPECLIPSE to disclose personal information outside Germany in order to provide you with our products or services, we will request your specific consent and will, before disclosing personal information overseas, take reasonable steps to ensure that the overseas recipient does not breach the Privacy Act.

    6. Data Security


    The protection and security of your personal information is something we take very seriously. We are committed to keeping personal information secure. We take robust precautions to protect personal information from misuse and loss, and from unauthorised access, modification or disclosure. We have a range of practices and policies in place to provide a secure system.

    The security and protection measures of DERMAP include:

  • not registering an individual if we are satisfied the individual may compromise the security or integrity of DERMAP;
  • monitoring access to DERMAP accounts to quickly detect suspicious or inappropriate behaviour;
  • requiring users to comply with a number of security obligations in the Privacy Act;
  • a multi-layered ICT system of firewalls, gateways and portals to ensure only authorised users can access DERMAP;
  • personal information transmitted or stored by or on behalf of us will be encrypted;
  • a graduated range of enforcement options where privacy or security are breached. For serious breaches, these options include the ability to seek civil and criminal penalties for unauthorised collection, use or disclosure of health information in DERMAP;
  • maintaining Access History of access to DERMAP Accounts which you can access;
  • a mandatory data breach reporting procedure;
  • rigorous, on-going security testing, including penetration testing;
  • a framework which details how any person who wishes to access a DERMAP is appropriately identified and authenticated;
  • developing and delivering education and awareness programs which highlight the need for individuals to protect themselves against security threats, hoaxes and scamming activities;
  • educating employees and contractors of their obligations when handling personal information;
  • requiring employees and contractors to individually authenticate themselves when accessing DERMAP.
  • 7. Data Retention


    We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

    If you cancel registration with DERMAP system or in case of death, the following will occur:

  • all documents will be kept in the system for the period recommended by law;
  • you, your representative will only be able to access your account by making a request to us;
  • other healthcare providers will only be able to access your customer account where required or authorised by law;
  • other healthcare providers will not be able to upload documents to your customer account;
  • your customer account may still be accessed by us for the purposes of maintenance, audit and other purposes required or authorised by law;
  • all other documents that are held by registered repository operators will be subject to local state or territory retention requirements.
  • If you cancel your customer account, but later re-register for an account:
  • your reactivated customer account may include personal information which was included in your account prior to it being cancelled.
  • 8. Destruction and De-identification


    SPECLIPSE retains personal information only whilst it is required for our business functions, or for any other lawful purpose. We use secure methods to destroy or to permanently de-identify personal information when it is no longer required or if we determine that the personal information received is required to be destroyed or permanently de-identified in accordance with the Privacy Act.

    9. Rights Regarding Personal Information


    On written request and subject to proof of identity, you may access the Personal Information that we hold, used or communicated and ask that any necessary corrections be made, where applicable, as authorized or required by law. However, to make sure that the Personal Information we maintain about you is accurate and up to date, please inform us immediately of any change in your Personal Information by mail or e-mail.

    Additional Rights for Europeans Users

    Please note that the term Personal Information used in this Policy is equivalent to the term “personal data” under the GDPR and other applicable European data protection laws.
    Under the GDPR, you may be entitled to additional rights, including:
    (i) the right to withdraw consent to processing where consent is the basis of processing;
    (ii) the right to access your Personal Information and certain other supplementary information, under certain conditions;
    (iii) the right to object to unlawful data processing, under certain conditions;
    (iv) the right to erasure of Personal Information about you, under certain conditions;
    (v) the right to demand that we restrict processing of your Personal Information, under certain conditions, if you believe we have exceeded the legitimate basis for processing, processing is no longer necessary, or believe your Personal Information is inaccurate;
    (vi) the right to data portability of personal data concerning you that you provided us in a structured, commonly used, and machine-readable format, under certain conditions;
    (vii) the right to object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you, under certain conditions;
    (viii) the right to lodge a complaint with data protection authorities.

    You may exercise your rights by using the Subject Access Request Form or contacting us as indicated under the “Contact Us” section.

    10. Third-Party Services


    Our service may contain links to third-party services that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party services.

    11. Children's Privacy


    The Service is not directed to children under the age of 16, and we do not knowingly collect Personal Information from children under the age of 16 without obtaining parental consent. If you are under 16 years of age, then please do not use or access the Service at any time or in any manner. If we learn that Personal Information has been collected on the Service from persons under 16 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 16 years of age has provided Personal Information, then you may alert us as set forth in the “Contact Us” section by contacting SPECLIPSE's Privacy Officer directly and request that we delete that child’s Personal Information from our systems.

    12. Updates to This Privacy Policy


    Please revisit this page periodically to stay aware of any changes to this Policy, which we may update from time to time. If we modify the Policy, we will make it available through the Service, and indicate the date of the latest revision, and will comply with applicable law. Your continued use of the Service after the revised Policy has become effective indicates that you have read, understood and agreed to the current version of the Policy.

    13. Contact Us


    For any questions or concerns regarding your personal data, you can contact our Data Controller and Data Protection Officer (DPO) at the following:

    * Company: Speclipse, Inc.
    * Address: 4th Floor, Gyeongchang Building, 141, Unjung-ro, Bundang-gu, Seongnam-si, Gyeonggi-do, South Korea
    * Email: dermap@speclipse.com

    Speclipse, Inc. serves as both the Data Controller and the Data Protection Officer (DPO) for the purposes of GDPR compliance.

    By using DERMAP, you acknowledge that you have read and understood this Privacy Policy and agree to our collection, use, and disclosure of your personal data as described.