CONNECTDROP – Protection of Personal Data

Please select any other language hereunder:

FR – CONNECTDROP – Protection des données personnelles

IT – CONNECTDROP Protezione dei dati personali

 

 

Biocorp Production (the« Company») has developed and is the publisher of the CONNECTDROP® mobile Application and takes privacy and the protection of persona! data very seriously. The Company ensures the confidentiality and security of your persona! data and complies with the applicable regulations, namely:

 

  • The French Data Protection Act n° 7817 of 6th January 1978 ;
  • EU Regulation 2016/679 on the protection of natural persons with regard to the processing of persona! data. and on the free movement of such data, of 27th April 2016, referred to as the GDPR.

 

The purpose of this Privacy Policy is to inform Users of the CONNECTDROP® mobile Application as well as possible of the way in which the Company protects the persona! data it collects in the context of the use of the CONNECTDROP® mobile Application and of the commitments made by the Company to ensure that Users’ persona! data is respected.

By continuing to use the mobile Application, the User acknowledges that they have read the terms of this Privacy Policy.

 

 

WHAT CONSTITUTES PERSONAL DATA?

 

Persona! data is any information relating to yourself that can be used to identify or re-identify you, directly or indirectly. This may be your name, your age, your health data. or an ID number.

 

With your consent, we process data relating to your health and your utilisation of the CONNECTDROP® mobile Application. This Privacy Policy describes the conditions under which your persona! data will be collected and utilised when you use the CONNECTDROP® mobile Application.

 

WHY DO WE COLLECT YOUR PERSONAL DATA AND WHAT IS THE LEGAL BASIS FOR THIS PROCESSING?

 

The processing of the data is based on Biocorp’s legitimate interest in providing patients with a medical device, associated with the Mobile Application, that meets their medical needs. ln addition, the collection of usage data allows Biocorp to access such data for the purposes of analysis and improvement of the CONNECTDROP® mobile Application. including the anticipation of malfunctions.

 

WHICH DATA WILL BE COLLECTED?

 

The following data concerning you will be collected during your utilisation of the CONNECTDROP® mobile Application:

 

Data collected and transmitted by the Device to the CONNECTDROP® mobile Application:

 

(The « Device » refers to a medical device owned by Laboratoires Théa S.A.S (a French company) with a CE-mark called «CONNECTDROP®», to be clipped onto a bottle of eye drops equipped with the Easygrip® system).

  • Date and time of instillations;
  • Orientation of the bottle during instillations;
  • Device Serial Number;
  • Battery level;
  • Error code in case of malfunction.

 

The information that you entered in the CONNECTROP® mobile Application:

  • Your last name, first name and date of birth;
  • Email address;
  • Treatment;
  • Your consent to the General Terms & Conditions of Use;
  • Phone number (for the 2-factor authentication);
  • Bottle opening date;
  • Unique Device Identifier (UDI).

 

In this context, the User acknowledges that they take sole responsibility for the recording and accuracy of the data entered within the mobile Application, and that they undertake to take all necessary precautions, in particular in terms of security of access to their equipment or smartphone, so such data is not made accessible to unauthorised third parties. The Company cannot be held responsible for the access by such a third party to the data entered in the mobile Application in the event of negligence on the part of the User.

 

Usage data collected by the CONNECTDROP® mobile Application:

  • Date and time of pairing of the Application with the Device;
  • Date and time of the Application’s connection to the Device;
  • Date and time of choosing a treatment;
  • Date and time of retrieval by the Application of each instillation recorded by the Device;
  • Date and time of access to the details of each tile (number of instillations, time interval, bottle position);
  • Date and time of access to Treatment and Bottle management;
  • Date and time the report was generated;
  • Date and time of access to the “Tutorial” videos;
  • Date and time of access to the user manual;
  • Date and time of the notification “congratulations you are taking your treatment well”;
  • Date and time of the notification “nothing has been recorded for 3 days”;
  • Date and time of reauthentication;
  • Date and time of retrieving the lost password.

 

WHERE ARE YOUR PERSONAL DATA KEPT AND HOW LONG FOR?

 

Your personal data collected via the CONNECTDROP® mobile Application will be stored in the Application itself, accessible only by the User and uploaded to a certified Health Data Hosting Provider backup space for the duration of the activation of the User’s personal account. The User may request the deletion of their personal account, and the data contained therein by contacting the Company: gdpr@biocorp.fr.

 

Usage data relating to the operation of the Device and the mobile Application will be stored for a maximum period of twenty-four (24) months, on the legal basis of the Company’s legitimate interest, so that it can conduct post-market analysis or evaluations relating to the Device’s performance improvement as a medical device and the mobile Application, including but not limited to the monitoring of any malfunctions.

 

WHO HAS ACCESS TO YOUR PERSONAL DATA?

 

The Company undertakes to comply with current regulations on the protection of collected personal data and ensures that your personal data, whether directly or indirectly identifiable, is only accessible to authorised persons, including the following persons:

 

Who has access to your directly identifiable personal data?

  • The Data Protection Officer (DPO) designated by the Company in the event that you contact him (see “How can you exercise your rights” for details of how to contact the DPO), and the Company itself if necessary for the management of right by the DPO;
  • The Company in exercising certain of your rights.

 

Who has access to your indirectly identifiable personal data?

  • The Company, including its hosting provider, under strict conditions of security and confidentiality with restricted access;
  • The Company’s staff whose participation is necessary to process the data;
  • The persons responsible for analysing usage data relating to the CONNECTDROP® Mobile Application and the Device;
  • The persons responsible for regulatory affairs with the relevant authorities.

  • With your consent, the data collected by the Mobile Application may be reused, under strict conditions of security and confidentiality, in particular their hosting providers, for the purpose of carrying out a research study related to the use of the Device and the Mobile Application, promoted by the Laboratoires Théa S.A.S. For more information on this subject, we invite you to consult the information given by your healthcare professional when you were enrolled in the study.

 

YOUR RIGHTS OVER YOUR PERSONAL DATA

 

You have several rights regarding the processing of your personal data. These rights include the following:

  • Access: you have the right to request access to your personal data;
  • Correction: you have the right to request the correction of incomplete or inaccurate personal data that we hold about you;
  • Deletion: in certain circumstances, you have the right to ask us to delete or erase your personal data. There are, however, exceptions where we may refuse a request for deletion, such as where said personal data is necessary regarding compliance with French law or if it is relevant to claims;
  • Restriction: you have the right to ask us to suspend the processing of certain personal data about you, in particular if you wish us to establish their accuracy;
  • Objection: you have the right to challenge the fact that we process personal data on the grounds of legitimate interest (or the interest of third parties). However, we may be authorised to continue to process your personal data on the basis of our compelling legitimate interests or where it is justified by legal claims;
  • Use of your personal data after your death: you have the right to determine how your personal data will be used after your death.

 

You also have the right to file a complaint with a personal data protection supervisory authority: in France, the Commission Nationale de l’Informatique et des Libertés (CNIL).

 

HOW CAN YOU EXERCISE YOUR RIGHTS?

 

If you have any questions regarding the processing of your personal data or if you wish to exercise any of the rights mentioned above, please contact the Company: the Data Protection Officer (DPO) whose contact details are gdpr@biocorp.fr or Biocorp Production, DPO, Service Juridique, La Béchade ZI La Lavaur, 63800 Issoire, France.

 

In order to verify your identity in exercising your data protection rights, you may be asked to provide information that will allow the controller to confirm your identity beyond a reasonable doubt.

 

Any future changes to the Privacy Policy will be posted on the Company’s website at https://biocorpsys.com/en/connectdrop-protection-of-personal-data/. The Company advises each User of the Application to refer frequently to review any changes or updates to this Privacy Policy.

 

Terms and conditions of use

 

CGU_COD_EN_Ed5.0_(2025-02)