1. Personal data responsible
Processing of personal data when using iCellate's services is based on an agreement with you. Treatment is also carried out to comply with legal obligations under law and government decisions and, for special treatments, with your consent.
2. Purpose of processing
iCellate processes your personal information when necessary to perform according to the contract with you. iCellate must process personal data in order to provide the services and products that iCellate offers and therefore you cannot be a customer of iCellate without us processing your personal data.
Your personal information is used, among other things, for invoicing, information and delivery of products, performance of services and contact with you as a customer. The personal data is also used to make your analysis results available to you.
iCellate’s processes your personal data in the ways required to comply with obligations imposed by iCellate under government decisions and laws, such as the Public and Secrecy Act (2009: 400), the Health Care Act (2017: 30) and the Patient Data Act (2008: 355).
3. Personal data being processed
Personal data is all information that can be associated with a living person. iCellate collects and processes different types of personal data in the context of its business, depending on the type of service you use. Some information about you will also be created through the tests you can order, such as the test results produced by the laboratory and clinics that assist us.
iCellate may collect the following personal information from you when using iCellate's services:
Information about your identity - first name, last name, social security number and gender.
Your contact details - invoice and delivery address, e-mail address, telephone number.
Payment information - information for making payments to iCellate or issuing an invoice.
Health information - information about your health according to questions at the time of ordering.
Service/sample information - information about what product (sample or analysis) you have ordered.
Genetic information - genetic sequence data obtained in order to provide the ordered service.
4. Recipients of personal data
iCellate's service is complicated and requires that we collaborate with and interact with other healthcare providers and that we take help of developers and other suppliers. iCellate will therefore transfer your personal information and take the help of other operators to process your personal data when necessary to (i) fulfill the agreement with you, (ii) comply with law, regulation or decision. The following types of recipients may be relevant:
Clinics, health centers and laboratories - iCellate collaborates with various clinics and health centers to draw blood needed for the analysis. iCellate may also collaborate with specialized labs that analyze different parts of samples submitted.
Consulting physicians - iCellate sometimes has collaborations with selected physicians and other healthcare professionals who help analyze and comment on the results.
Authorities - iCellate may need to disclose information to authorities if we are required to do so by law or if you have requested that we do so. In some cases, iCellate may be prevented by law from telling you that your personal information has been requested by the authority.
Notification Services - iCellate may use services to automatically communicate to you, eg. with confirmations or reminders. These companies will only have access to your contact information and have undertaken not to share your personal information beyond what is necessary to carry out the service.
Developers and consultants - iCellate takes the help of developers and consultants from other companies to build iCellate's IT infrastructure and further develop the service. Such developers may need to access simpler personal information about you when needed for development or troubleshooting.
Sensitive information about you, including your health information, is processed in accordance with law. Such information will therefore only be available to such personnel who shall have access to it by law. The information will not be disclosed or transmitted to any recipient other than when permitted by law.
iCellate processes as much of its data as possible within the EU/EES. If data is transmitted to be processed by a supplier or subcontractor outside the EU/EES, the recipient has always entered into contract terms with iCellate which ensures that the recipient maintains a level of protection comparable to the EU/EES.
No health data processed by iCellate is kept outside the EU/EES by iCellate or iCellate's subcontractors.
5. Retention of personal data
Personal data is retained for as long as necessary to fulfill the purposes described above.
Information about you that is linked to your user account on iCellates.se will be retained as long as your account is open. You can choose to close your account and iCellate will then delete your information when it does not need to be retained for other purposes, as described above.
6. Information security
iCellate, as the data controller, takes appropriate technical and organizational measures to protect the personal data processed in accordance with section 2 of the Data Protection Regulation. iCellate has specific internal guidelines and processes for dealing with information security issues.
If your personal data is covered by a security incident (so-called "personal data incident"), iCellate will contact you in accordance with the Data Protection Regulation.
Cookies are used on iCellate website. Cookies are small text files that are stored on the visitor's computer and make it possible to follow what the visitor does on the website.
There are two types of cookies:
A permanent cookie that remains on the visitor's computer for a specified period of time.
A session cookie that is temporarily stored in the computer's memory while a visitor is on a website. Session cookies disappear when you close your browser.
No identification information, such as e-mail or name, is saved about visitors through cookies.
The visitor can choose not to accept cookies by turning off cookies in their own browser's security settings. The visitor can also set the browser so that he or she gets a query every time the site tries to place a cookie on the visitor's computer. The browser can also delete previously stored cookies. See your browser's help pages for more information.
The Swedish Post and Telecom Agency, which is the supervisory authority in the area, provides additional information about cookies on its website (http://www.pts.se/).
8. Your analysis response
If you have ordered services yourself at icellate.se you have the opportunity to access your analysis answers. This does not apply to the service "OncoMate® - Genetic Cancer Evaluation" where answers are provided to your treating physician.
9. Your rights
iCellate has a data protection representative. The Data Protection representative is the contact person for the exercise of rights vis-à-vis iCellate with the contact details given below.
You also have the right to request a register extract, in electronic format or on paper. iCellate will compile information about how your personal data is processed and send it to you, usually within a month.
You have the right to request that iCellate correct personal data that you believe is incorrect and to submit supplementary personal data (in special cases) if you believe that the personal data processed by iCellate has given you an incorrect picture.
You have the right to request that iCellate delete your personal information. iCellate will then delete personal data that iCellate does not have to retain in order to fulfill legal obligations. iCellate will also continue to process personal data in certain other cases, including when personal data must be processed to fulfill an agreement with you.
You always have the right to file a complaint with the supervisory authority, the Data Inspectorate (under name change to the Privacy Protection Authority).
If you want to request a register extract, withdraw a consent or correct / delete a task, please contact iCellate’s Data Protection Officer via email@example.com, subject: Data Protection Officer.