GDPR Compliance Declaration
What is Face2Gene?
Face2Gene is a suite of phenotyping applications that facilitates comprehensive and precise genetic evaluations. FDNA uses facial analysis, deep learning, and artificial intelligence to transform big data into actionable genomic insights to improve and accelerate diagnostics and therapeutics.
With the rapid advance of healthcare technologies – such as mobile medical apps and cloud computing – and their increasing integration with social media, personal data1 protection has become of paramount importance.
1 ‘Personal data’ under GDPR means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
The European Union has recently adopted a new regulation concerning data protection – the EU General Data Protection Regulation 2016/679, known as the General Data Protection Regulation (“GDPR“). As a company with EU users, FDNA has taken certain actions and has adopted policies and procedures in order to implement the GDPR to enhance the data protection of the personal data of its EU users.
Steps implementing GDPR
1. Creating a data mapping inventory mapping all our data flows, differentiating between personal data and non personal data. We are constantly updating and maintaining this data mapping as a record of our processing activities.
2. Mapping and determining our lawful basis for processing of personal data.
3. Adjusting information security measures to be adequate and appropriate under the GDPR principles to the types of personal data we process. For more information about our information security measures please visit: www.face2gene.com/security-privacy.
Updated November 6, 2018
5. Putting in place or updating existing data protection policies, such as an updated Information Security Policy, Data Subject Access Request Policy, Incident Management Procedure, and Retention Policy.
6. Creating a system for receiving, tracking, and implementing users’ requests for deletion of personal data. Users may request account deactivation, deletion of user account, deletion of personal data, etc.
7. Updating the backup processes to be aligned to our Retention Policy so that deleted personal data will also be deleted from the backups after 90 days.
8. Updating the customer contact processes and implementing communication preference-setting systems.
9. Updating our list of sub-processors and amended our terms of agreement with them to comply with GDPR article 28.
10. Appointing a data protection officer (DPO), which is in charge, globally, to protect the personal data of our users and to align our relevant policies with the GDPR. Our DPO’s contact details are as follows: Roni Adar, email@example.com, +972-54-7233766.
Face2Gene is a unique and innovative genetic search and reference mobile application, powered by the smart phenotyping technology. FDNA is implementing the appropriate GDPR principles as part of a corporate commitment to protecting personal data through a strong security and compliance management program.
GDPR does not apply to all of our users and this declaration is not intended to apply to your rights if you are not a data subject in the EU.
If you have any questions about the way we handle your personal data, whether under GDPR or other laws applicable to you, please contact our DPO at firstname.lastname@example.org.