This page informs you of our policies regarding the collection, use and disclosure of personal information we receive from users of BeHapp.
We use your personal information only for the purpose of conducting formal scientific studies in which you have agreed to participate. By using BeHapp you agree to the collection and use of information in accordance with this policy.
Many smartphone application operators collect information that your smartphone sends (monitoring data). BeHapp was designed as an aid for scientific studies of behavior. As such it will only be installed on your own personal device if you have given approval to do so and after being appropriately informed about the nature of this application. This process is referred to as 'informed consent'.
The data collected by BeHapp includes, among others, information on general smartphone application usage, phone call activity, sms activity and (gps) location updates. The application also scans for bluetooth devices and wifi access points in the vicinity of the device. For each of these data points the time and date and other statistics are registered. Importantly, we never record or collect any information with regard to the content of any of your spoken or written messages. Also, any information related to the persons you interact with are obfuscated before being sent to our systems.
The security of your personal information is important to us, but remember that no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information we cannot guarantee its absolute security. We take various measures to ensure your security and privacy:
- As a base principle, no directly identifiable information about any participant is stored within any system that is part of the BeHapp service. Participants are represented by unique id’s. These id’s may be associated with identifiable information in decentralized third party information systems managed by other (health) care providers.
- Monitoring data is encrypted before being stored locally on your device.
- After each successful upload, all of the local monitoring data is cleared from the device. In the event that your phone is stolen report this to your study manager. He/she will reinitialize your account which will cause the application to fully reset itself on your stolen phone including the removal of existing monitoring data.
- All communication streams between the mobile applications and our centralized data storage components will go through secured (encrypted) channels using modern industry standards.
- Information gathered about identities of third persons, e.g. contacts of participants, are obfuscated on the phone before being sent to the central data store preserving unicity while ensuring privacy.
- The BeHapp service resides within the Google Cloud Platform which employs a security model built on 15 years of experience in protecting customer data. The platform is compliant with HIPAA, ISO 27001 and the EU Data Protection Directive. Furthermore, all data stored is encrypted by default ensuring that only researchers part of the BeHapp team are able to access the data.