Privacy Policy and Use of Personal Data

This privacy policy and use of personal data applies to all EzyGain websites and applications.

This data is what the therapist deems necessary for monitoring the patient, or data that the patient provides themselves via the application forms or client portal: name, first name, gender, height, weight, medical conditions, comments. This data is necessary for tracking the patient's performance. Certain data such as weight or height are necessary for the functioning of certain exercises.

During an exercise, several types of data are recorded:

• Data from connected devices: for example, weight and speed data if the Ema treadmill is connected, or speed data if it is the CycloSense.
• Scores, assessments, analyses

Data related to the functioning of connected devices is recorded for diagnostic purposes, preventive maintenance, and troubleshooting. For the Ema treadmill, this may include data on motor usage time, intensity, temperature of electronic boards... This data is not linked to the patient.

IP address, type of device and browser, operating system, connection dates... This data is collected for security purposes. It may be used to identify any fraudulent access to the account.

Data collected via the application is stored locally on the tablet. If the tablet is connected to the Internet, the data is synchronised with a server. This server is hosted by a certified HDS (Health Data Host) provider in France.

• The patient and the therapist:
  • Via the application or client portal
  • The user can modify or delete their data themselves
• EzyGain:
  • EzyGain does not have access to the patient's personal data
  • EzyGain has access to certain anonymised data, with the aim of:
    • Improving algorithms for gait, balance, and movement analysis
    • Guiding future developments through, for example, usage statistics of different exercises

Data is retained for the duration of the patient's treatment, that is, as long as the patient record exists in the application. It is deleted after 10 years of inactivity.

User side (patient or therapist):

• Strong password required (at least 8 characters, including numbers and uppercase letters)
• Two-factor authentication via SMS, email, or providing data from the connected treadmill
• Communication with the server is encrypted in HTTPS

Access to the server

• Only EzyGain technical staff can access the server, via a secure connection (VPN + SSH).
• Access to the server is logged and monitored.

In accordance with the provisions of Regulation No. 2016/679, known as the General Data Protection Regulation (GDPR), you have the following rights regarding your data:

• Right of access and inquiry: You have the right to request information on what data EzyGain holds about you.
• Right to rectification and erasure: You have the right to correct your data and request its deletion.
• Right to object: You have the right to object to EzyGain using your data for legitimate reasons. The consequences of your objection depend on the purpose for which your objection is communicated to us; for certain purposes, your refusal may prevent us from providing the requested service or performance.
• Right to data portability: You have the right to request EzyGain to retrieve your personal data in an electronic format.

All of these rights can be exercised directly with EzyGain, by email at the following address: legal@ezygain.com, or by post at the following address:
EzyGain SAS
47 rue Marcel Dassault
92 100 Boulogne-Billancourt