Privacy Policy
for Patient Onboarding to the Neptune Platform
As of January 2022
I. Identity and contact details of the data controller
The data controller responsible in accordance with the purposes of the General Data Protection Regulation (GDPR) of the European Union and other data protection regulations is:
Orbit Health
Mangfallstrasse 16
82061 Neuried
Germany
hello@orbit.health
II. Contact details of the data protection officer
We have appointed the following data protection officer:
DataCo GmbH
Dachauer Str. 63
80335 Munich
Germany
info@dataguard.de
III. Data processing while onboarding for the Neptune platform
Neptune is a platform for the treatment of Parkinson’s disease. It is provided by Orbit Health GmbH, Mangfallstrasse 16, 82061 Neuried, Germany, +491607564836, hello@orbit.health, https://orbit.health. This present Privacy Policy informs about the usage of personal data during the onboarding process only. Please find more information about further processing in the Orbit Privacy Policy can be found here: https://orbit.health/…
Physicians can use Neptune to monitor patients’ health and motor fluctuations using a smartwatch and smartphone with the Neptune app to evaluate symptoms and optimize necessary medications for the disease.
To use Neptune, physicians need to add patient’s data to their Neptune dashboard to monitor their treatment of Parkinson’s disease. To do so, patients must declare consent to their attending physician who is classified as controller according to Art. 4 No. 7 GDPR. By adding a patient, the following personal data of the patient are usually processed on the Neptune platform:
| First Name | Last Name | Email address |
| Date of Birth | Height (cm) | Weight (kg) |
| Diary entries | Sense of wellbeing entries | Sense of symptom control entries |
| Motor state distribution | Medication plan and compliance | Time zone |
| Email address | Mobile phone number | Clinic / Medical Group Name |
| Patient Clinic ID | National ID | Smartwatch ID |
IV. Legal basis for processing
Your attending physician obtains your consent for processing activities involving personal data. Article 6 (1) (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis. For the processing of special categories of personal data, (e.g. health data) Article 9 (2) (a) will be used as legal basis. In giving your consent, you are doing so to both the physician and the provider of the platform.
V. Data erasure and storage duration
Your personal data will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject.
VI. Objection, withdrawal and removal options
You can opt out the consent to processing your data at any time by addressing it to the attending physician or the provider of the platform. By this your data will be deleted unless legal requirements require retention as mentioned above.
VII. Data subject’s rights
You have the right to information, to access, to rectification, to restriction of processing, to erasure, to data portability, to object and to complain to a supervisory authority.
VIII. Recipients or categories of recipients of personal data
As part of the processing of personal data your attending physician will pass on your data to the provider mentioned above.
This privacy policy has been created with the assistance of DataGuard.
