Privacy Policy

Version 1

At WAVY MEET, we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy aims to provide you with clear and concise information about how we collect, use, and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable
laws.

1. Identity and Contact Details
WAVY MEET acts as a data processor, processing personal data on behalf of the healthcare organizations licensed to use the WAVY MEET platform. If you have any questions or concerns regarding the processing of your personal data, please contact the healthcare organization responsible for your remote cardiac rehabilitation. For further assistance, you can write to us at info@wavymeet.com.

2. Purpose and Legal Basis
WAVY MEET processes your personal data to provide a remote cardiac rehabilitation support system as directed by the healthcare organization, which acts as the data controller. The legal basis for processing your personal data is based on the healthcare organization’s legitimate interests or other legal grounds as determined by the data controller.

3. Legitimate Interests
The legitimate interests pursued by WAVY MEET are to assist healthcare organizations in delivering remote cardiac rehabilitation services effectively and securely. We ensure that your rights and freedoms are respected and protected.

4. Recipients of Personal Data
Your personal data may be shared with the following recipients or categories of recipients:

1. Healthcare professionals and personnel involved in your remote cardiac rehabilitation within the licensed healthcare organization.
2. WAVY MEET’s authorized personnel and service providers who assist in the operation and maintenance of the WAVY MEET platform.

5. Retention Period
We will retain your personal data in accordance with the instructions and policies set by the healthcare organization. The specific retention period or criteria used to determine the retention period will be provided to you by the healthcare organization.

6. Your Rights
As a data subject, you have rights regarding your personal data as defined by the applicable data protection laws. Please refer to the privacy policy of the healthcare organization to understand and exercise your rights.

7. Security Measures
WAVY MEET has implemented technical and organizational measures to ensure the security and confidentiality of your personal data, as directed and in accordance with the instructions provided by the healthcare organization. For more information, please visit https://wavymeet.com/wp-content/uploads/2023/05/information-
security-policy.pdf

8. Automated Decision-Making and Profiling
WAVY MEET does not engage in automated decision-making or profiling activities that significantly affect individuals.

9. Camera Permission
WAVY MEET requires access to your device’s camera for capturing video during the virtual therapy session and transmitting it to the other participants of the session. We assure you that we only access your camera for the specified purposes and do not misuse this permission.

We are committed to supporting healthcare organizations in their compliance with data protection laws and continuously improving our privacy practices. If any changes are made to this Privacy Policy, the healthcare organization will notify you accordingly. If you have any questions or concerns regarding your privacy or the processing of your personal data, please contact the healthcare organization responsible for your remote cardiac rehabilitation.