PIANISSIMO – Privacy Policy

1) CONFIDENTIALITY AND PROTECTION OF PERSONAL DATA

As part of the study entitled “Personalised physIcal Activity promotioN in osteoarthrItis patientS uSIng a sMartphone-based sOlution” (PIANISSIMO), we will need to collect and process some of your personal data to enable us to meet the scientific objectives of the Study.

The Luxembourg Institute of Health is responsible for collecting, analysing and, more generally, processing your personal data, and for ensuring that it is protected, in accordance with the General Data Protection Regulation (EU) 2016/679 of 27 April 2016 (known as the GDPR) and all subsequent texts replacing or supplementing this Regulation, in particular, Luxembourg’s law of 1 August 2018 on the organisation of its National Commission for Data Protection and the implementation of the GDPR (collectively known as the Law on Data Protection).

2) WHAT TYPE OF DATA WILL WE COLLECT?

If you choose to take part in the study, we will only collect the personal data we need to achieve the scientific aims of our study.

We will collect the following data from you by means of questionnaires on a mobile phone application, and from Apple Health/Google Fit apps or a smart watch:

Data relating to your health: weight, height, medical history and current treatment linked to osteoarthritis, results from SF-WOMAC questionnaire required by study,
Personal data: name, first name, email address, age, sex,
Other categories of processed data: country and type of residence, income, your sport habits, your physical activity level (data collected indirectly), your level of education, your socio-professional group, your alcohol/tobacco consumption.

In addition, your connection history to the mobile application will be collected and your daily steps recorded by your smart watch or phone will be also collected indirectly from Apple Health/Google Fit in the background, with no action required from you.

3) ON WHAT LEGAL BASIS WILL WE PROCESS YOUR DATA?

The use of your personal data is necessary to enable us to achieve the aims of the study. The study is conducted based on your explicit consent (art. 6.1a and art. 9.2a of the GDPR).

If you decide to withdraw from the study, your personal data will be deleted, and Luxembourg Institute of Health will not collect new data pertaining to you within this study. There will be no link between your name and the study data. As such, the project manager upon the time of withdrawal will ask if you accept the continued process of the data that has been collected, for scientific or statistical research purposes by the Luxembourg Institute of Health.

4) WHO WILL HAVE ACCESS TO YOUR DATA?

Apart from the Study’s investigating doctor and the authorized members of his/her team working under his/her responsibility, only the following categories of persons will be able to access your data in relation to their respective duties:

Names or data that directly identifies you (email address): the project manager of the study and the application/database manager (ITX team) at the Luxembourg Institute of Health, which will have access to the Study’s correspondence table, linking your identity data to the code assigned to you for the Study.

Coded (pseudonymised) data: the scientific leader of the study at the Luxembourg Institute of Health and the team working under his/her responsibility (including data from Apple Health / Google Fit).

Your data will not be used for any fully automated decision-making processes or for any profiling purposes.

5) WHAT ARE YOUR RIGHTS?

You will have the right to access and amend your personal data. In accordance with the conditions set out by the law*, you will also have the right to object to the way in which your data is being used, to request that your data be deleted, to ask to restrict certain aspects of the processing of your data, to retrieve your data so that you can send it to a third party (right to data portability) and/or to withdraw your consent to process your personal data. If you wish to exercise your rights, you should contact the Project Manager.

Lastly, you have the right to raise a complaint with Luxembourg’s National Commission for Data Protection (CNPD) in relation to the processing of your personal data.

For information about how the Luxembourg Institute of Health processes your personal data, please contact the Luxembourg Institute of Health ’s Data Protection Officer by email at dpo@lih.lu or by post at the following address:

LUXEMBOURG INSTITUTE OF HEALTH

Protection des données

1A-B, rue Thomas Edison

L-1445 Strassen

LUXEMBOURG

* The Luxembourg Institute of Health will examine all your requests to exercise rights in accordance with the GDPR and the Luxembourg law of August 1, 2018 on the organization of its National Commission for Data Protection and the implementation of the GDPR.

6) HOW DO WE PROTECT YOUR PERSONAL DATA?

The Luxembourg Institute of Health takes appropriate security measures, based on the sensitivity of the information concerned, to protect your data from the risk of unauthorized access, loss, fraudulent use, disclosure, modification and destruction. Your data will be treated as strictly confidential. It will also be pseudonymised, meaning that your name will be replaced by a confidential reference code. This code will not directly identify you and will only be used to process your data for scientific purposes. Your identity will never be disclosed in any document produced for the public or for other institutions. The correspondence table showing the link between your name and the reference code will be kept confidential and secure by the Project Manager and will be stored separately from the other data associated with the Study. Only a small number of people will have access to it (see “Who will have access to your data?” above).

7) FOR HOW LONG WILL YOUR DATA BE STORED?

Your data will be stored, in accordance with the applicable legal provisions and in a way allowing your identification, for a period of 2 years following the end of the study which is expected in March 2026. After this 2 years’ period, the table linking your identity to the other data will be deleted, meaning that Luxembourg Institute of Health will be no longer able to satisfy your requests, as we will have no way to re-identify you. As such, you will not be able to withdraw from the study after this period neither we will be able to provide you any report.

Your identifiable information being deleted, it means that the study data collected for the purpose of the study will be anonymized (no direct link between your study data and you).

Be informed that Luxembourg Institute of Health will continue to process your anonymous data for research purpose. The anonymized dataset will be stored for 15 years in secured server at Luxembourg Institute of Health.

8) TRANSFERS OF DATA OUTSIDE THE EUROPEAN UNION

None of your personal data will be transferred outside the European Union. For more detailed information on the appropriate measures taken by the Luxembourg Institute of Health, please send your request by email to the Luxembourg Institute of Health’s Data Protection Officer at dpo@lih.lu.

Related News

All news

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-functional	1 year	The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
JSESSIONID	session	The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application.
PHPSESSID	session	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin to store whether or not the user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
li_gc	5 months 27 days	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
pll_language	1 year	The pll _language cookie is used by Polylang to remember the language selected by the user when returning to the website, and also to get the language information when not available in another way.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.
vOTSXIlGdxFUt	1 day	No description
xwNvEASRYf_	1 day	No description

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_ZM94YP9CD3	2 years	This cookie is installed by Google Analytics.
_gat_gtag_UA_16961320_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
AnalyticsSyncHistory	1 month	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
DEVICE_INFO	5 months 27 days	No description
ln_or	1 day	No description

PIANISSIMO – Privacy Policy

1) CONFIDENTIALITY AND PROTECTION OF PERSONAL DATA

2) WHAT TYPE OF DATA WILL WE COLLECT?

3) ON WHAT LEGAL BASIS WILL WE PROCESS YOUR DATA?

4) WHO WILL HAVE ACCESS TO YOUR DATA?

5) WHAT ARE YOUR RIGHTS?

6) HOW DO WE PROTECT YOUR PERSONAL DATA?

7) FOR HOW LONG WILL YOUR DATA BE STORED?

8) TRANSFERS OF DATA OUTSIDE THE EUROPEAN UNION

Related News

Pollution and Health: LIH Study Links Environmental Exposure to Heart Risks

Early Insights from Colive Cancer’s Breast Cancer Survey Revealed

Reflecting on CoVaLux 2024: Bridging Science and Preparation for a Post-Pandemic World

Luxembourg researcher among the globe’s most highly cited scientists

Towards a paradigm shift in ischaemic heart disease

An unwavering commitment to diabetes research