Privacy Policy

We commit to safeguarding the privacy of the users of the Picterus® Jaundice Pro. Therefore, the Picterus® Jaundice Pro limits collection and storage of personal information about users and patients, and will handle such information under General Data Protection Regulation (GDPR, EU 2016/679 regulations).

1. Introduction

   Picterus AS is the data controller for the collected data, in connection with the use of the Picterus® Jaundice Pro, (mobile application and web platform JAUNDICE@HOME). When it comes to collecting data about patients / newborns using our product, the users of the Picterus® Jaundice Pro are seen as data controllers and the Picterus ® Jaundice Pro as a data processor. In this notice, “we”, “us” and “our” refer to Picterus AS.

   
   

   Both as a data controller and as a data processor, Picterus AS ensures that all data is processed in a secure and lawful manner in accordance with EU Regulation 2016/679 ("GDPR") and national data protection laws.

   
   

   In this privacy statement, we explain what data we collect and for what purposes we use it. If you have any questions, do not hesitate to contact us via the contact information listed at the end of this statement.

   
   

   The privacy statement may be changed from time to time. Therefore, visit this page regularly to understand what we do. If we make extensive changes to this statement, we will always notify our users before using the service.

   
   

2. Categories of data objects

   We process data related to the following categories:

   •    The users of the Picterus® Jaundice Pro (mobile application and web platform JAUNDICE@HOME)

   •    The patient / the newborn

     
     

3. Data Picterus AS collects

   The Picterus® Jaundice Pro app only takes images of a small part of the skin from the newborn's chest, and the images should contain no identifiable information. In addition, some personal information about the newborn may be requested by the Picterus Jaundice Pro for the calculation of the bilirubin value:

   •    Age at time of measurement (calculated from birth date and time registered in the app).

   •    Birth weight.

   •    Gestational age.

   
   

   For users of our application, Picterus AS stores the email address linked to the user account for subscribing to our bilirubin measurement service, which is required for performing bilirubin measurements using Picterus ® Jaundice Pro.

   
   

   For every measurement performed, which also includes attempts that do not provide a bilirubin value, we save the results and assign them a unique measurement ID number along with the timestamp of the measurement. This data can be linked to the stored images of the newborn's chest as well as the user account.

   
   

   Other information we collect includes device type, operating system, country, the Picterus® Jaundice Pro software version, and device language. The full description of the use of the data is described in more detail below.

   
   

   We may handle information regarding transactions, such as purchases of Goods and Services, that you make with us and/or through our website. This data may include your contact information, payment details, and specifics of the transaction. Transaction Data may be processed for the purpose of supplying the purchased Goods and Services and keeping proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter such a contract and legal requirements for proper accounting.

   
   

   We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (referred to as ‘Notification Data’). Notification Data may be processed for the purpose of sending you the relevant notifications and/or newsletters. The legal basis for this processing is consent.

   
   

   We may process information contained in or relating to any communication that you send to us (referred to as ‘Correspondence Data’). Correspondence Data may include the communication content and metadata associated with the communication. Correspondence Data may be processed for the purposes of communicating with you and record-keeping, e.g., for technical support or accounting purposes. Further, when you seek technical support from us, you understand and acknowledge that the individual(s) providing you with support may need to access your Service Data and Usage Data to diagnose the problem you are seeking support for; in this case, this information will only be used to help provide you with support. The legal basis for this processing is our legitimate interests, namely the proper administration of our business and communications with users, which we believe will benefit you.

   
   

4. Picterus AS and social media

   On our website, we integrated social media Like and Share buttons (Facebook, Twitter, LinkedIn), which allows you to share the content you like directly with your network. The social media plugins may process your personal data when you choose to share or like any content of our website with your network. Picterus AS does not control and is not responsible for the processing of personal data by these networks.

   
   

5. For what purpose Picterus AS collects data

   We need the mentioned data to offer you a complete service. We may also use anonymous data for research and development purposes to improve and further develop our services. Furthermore, anonymized data can be used for customer service, marketing, communication and for legal purposes. Finally, all the images that are processed and stored on our servers can be used to help our technology become more accurate in screening for neonatal jaundice.

   
   

6. The legal basis for Picterus AS processing of data

   According to the GDPR, Picterus AS must base its processing of personal data on a legal basis. Our processing of personal data will be based on one or more of the following:

   •    The processing is necessary to fulfil an agreement to which you are a party, or to implement measures at your request before entering into an agreement.

   •    The processing is necessary for our legitimate interest, to the extent that this interest is not violated by your interests or fundamental rights and freedoms that require the protection of personal data.

     
     

7. Picterus AS and the transfer of data

   Picterus AS uses third party service providers to help us offer or improve our services; this includes payment providers, authentication services (i.e. Google, Apple), and financial institutions, and business partners or research institutions. The data may be transferred to, and processed by, such service providers. We will do everything necessary to ensure that third party providers that process data do so in a secure manner and in accordance with applicable law.

   
   

   Service providers who process data on our behalf do so based on a data processor agreement that regulates the data processor's responsibility in connection with the processing of relevant data.

   
   

   All data you provide to us and that we collect from you is stored on secure cloud servers within the territory of the EU or stored by reliable third-party service providers outside the EU, which are maintained to the same high standards. As a result, the information may be transferred and stored at a destination outside your country.

   
   

   We can also share data with the authorities in cases where we are required by law to do so.

   
   

   In cases where the Picterus system is accessed from a healthcare institution (e.g., a hospital or clinic), your Picterus account may be linked to that organization. Authorized personnel within the organization will be able to access relevant clinical data, including the clinical information of the newborn, for the purpose of providing healthcare services, diagnosis, or maintaining medical records.

   
   

   Access to clinical data by these organizations is strictly regulated and limited to authorized healthcare professionals who are bound by confidentiality obligations and applicable healthcare laws (such as GDPR and HIPAA, where applicable). This access is granted to ensure the safe and effective delivery of clinical care. The data accessed will be limited to what is necessary for the clinical use or record-keeping purposes of the organization, and all access is subject to audit logs for security and transparency.

   
   

   Picterus AS will ensure that any organization accessing this data does so under strict security protocols and legal frameworks, including Data Sharing Agreements that regulate the use, processing, and protection of the clinical data in compliance with applicable laws. These agreements ensure that healthcare institutions are responsible for safeguarding the data, adhering to the highest standards of privacy and security, and limiting access only to authorized personnel.

   
   

8. Data security

   Picterus AS has implemented various measures and procedures to safeguard the data.

   
   

   All data you provide via the app when it is transferred to or from the servers is encrypted using industry-standard encryption (TLS).

   
   

   We store uploaded images in separate data warehouses. The web server infrastructure is protected by firewalls and monitoring.

   
   

   We work with appropriate procedures to prevent unauthorized access to and/or misuse of data.

   
   

9. Storage of data

   We will store the data that has been uploaded, including the images. After 3 months, all data, including the images, will be anonymized so no personal data remains connected to the user account or device. In this process, any information we have stored about birth time and date is removed but the age of the newborn at image capture. Images and other anonymized information is kept for the purpose of medical, clinical, and commercial research, and for testing our services.

   
   

   While the measurement data is linked to the user account, the user can access the bilirubin result and other information about the measurement though the measurement history functionality in the app. The information from the result and available measurement history can also be exported to a PDF file. If the user chooses to use this functionality, you do so at your own risk, and Picterus AS assumes no responsibility for the handling, security, or protection of the data once it has been exported.

   
   

10. Personal information about children

    Our service takes images of a small part of the naked skin on the newborn's chest. It is not possible to recognize the new-born based on the stored images when the product is used correctly. If images containing personally identifiable information are discovered, these will be deleted from our systems.

    
    

    Any newborn information requested from the user in the newborn profiles in the app (age at measurement, birth weight and/or gestational age) are needed for calculating the correct bilirubin value.

    
    

11. Your rights

    You can make inquiries via email using the address below. You also have the right to contact the Data Protection Authority when you are concerned about your rights, or if you feel that we process your data illegally.

    
    

Your rights

At the request of users, Picterus AS will delete user accounts and / or other personal information collected. If a user account is deleted, any associated images and newborn information collected for measurements will be anonymized.




13. Contact information

The Picterus® Jaundice Pro is owned and operated by Picterus AS. Our headquarters are at Kjøpmannsgata 61, 7011 Trondheim, Norway. You can contact us by email at contact@picterus.com, or via our website www.picterus.com.

Thank you for taking the time to read our Privacy Policy. Should you have any questions or concerns, do not hesitate to contact us.