We attach great importance to the security and confidentiality of your personal data. This privacy statement applies to all users of the m-Path applications. It outlines the collection and processing of your personal data when registering and using the m-Path application and related services.
For any questions regarding the processing of personal data under this privacy statement, you can contact us via e-mail at privacy@m-path.io.
This privacy statement applies to the collection and processing of your personal data we carry out when using the m-Path applications in your capacity as a user. The m-Path applications are mobile applications that can be downloaded by anyone from the Google Play Store and the Apple AppStore. The m-Path applications are
As a user, you are either
m-Path is the responsible party for the processing of your personal data as explained in this privacy statement. We refer to m-Path in this privacy statement as “m-Path”, “we”, “us”, “our”.
Our details are:
Name: m-Path Software
Address: Diestsesteenweg 327, 3010 Leuven, Belgium
Company number: 1010.164.730
E-mail: privacy@m-path.io
The users of the application are practitioners providing services to their clients or researchers who send out questionnaires to research participants via the m-Path dashboard and who wish to have access to the application, including for testing purposes. These users generally also have access to the dashboard. For more information on the processing of personal data on the platform, please refer to our Dashboard privacy notice.
Each of those users has a specific goal:
Their counterparts are respectively the clients and research participants who are the natural persons filling out the specific questionnaires:
The practitioners and researchers are generally the parties responsible for processing personal data in and the data received through the questionnaires. If you are a client or research participant carefully read the privacy notices of the applicable practitioners and researchers with whom you establish a connection in order to understand how they process your personal data.
To provide the m-Path application, we also collect and process personal data under our own responsibility. This personal data is the following:
This refers to the specific number, serving as the internal user ID for the users, which is automatically assigned to it when creating an account. This number is used to identify the user on the dashboard and services.
This refers to the numbers that are generated when the practitioner or researcher establishes a connection with their client or participant. This number is used to refer to the specific connection.
This information refers, among others, to the IP addresses involved when using the application and services, the type and operating system of the devices accessing the application and services, the version of the application and services the user is using, information on the use of the application and services, information on technical issues of the application and services.
Please note that we are not able to identify you solely on the basis of your IP address and will never attempt to do so, except where this is legally required or in case of fraud or illegal activity.
We collect and process your personal data for the following purposes
We collect and process your personal data to be able to provide the agreed services on the applications. This includes the generation of accounts, the ability to connect with practitioners and/or researchers and the ability to respond to their questionnaires. For this purpose, we process your connection codes and device information.
To collect and process this personal data, we base ourselves on the agreement we conclude with you when you create your account and first access the m-Path application.
We collect and process personal data to enhance the quality of the application and related services. More specifically, device information is utilized to analyze service usage patterns, identify preferences, and detect areas for potential improvements. For this purpose, we process your device information. Such processing is instrumental in developing new features, enhancing user interfaces, and ensuring the overall effectiveness of the services.
To collect and process your personal data for this purpose, we base ourselves on your consent. This information is only collected and processed if you explicitly opt in. The information is intended to be used in an aggregated an anonymous manner and will never be used to identify you.
We collect and process personal data to ensure that the applications are used in a manner that complies with applicable laws and regulations and to prevent abuse and fraud. For this purpose, device information is collected and processed from the users of the applications.
To collect act process your personal data for this purpose, we base ourselves on our legitimate interest to ensure the safety and security of the applications.
To defend ourselves in legal proceedings, we may process any of the personal data named above.
For this processing purpose, we base ourselves on our legitimate interest to exercise our rights of defense in case of legal proceedings.
To comply with our legal obligations or any reasonable request from competent police authorities, judicial authorities, government agencies or bodies, including competent data protection authorities.
For this processing purpose, we base ourselves on our applicable legal obligation.
In principle, we do not share your personal data with anyone other than the people who work for us or are otherwise engaged by us. This means that only the following categories of recipients will receive your personal data named above:
Please consider that the subcontractors named above never receive access to the answers to the questionnaires. The KU Leuven, as our server host, will only have access to any information on the App in an encrypted at rest manner. Please note that such access is strictly necessary for the functioning of the App.
Anyone who has access to your personal data will always be bound by strict legal or contractual obligations to keep your personal data safe and confidential.
Please note that we may also share your practitioner/researcher code and names with the client or research participant, or other researchers connected to the application, if you use the applications in a way that requires it.
As a principle, we do not transfer your personal data outside the European Economic Area (the European Economic Area includes the countries of the European Union, Liechtenstein, Norway and Iceland). If a transfer takes place, we will take appropriate safeguards to protect your personal data as required under the applicable data protection legislation.
The user identification information is linked to the account of the user and will be retained until the user decides to remove his or her account. The connection codes are permanent and immutable. These codes will be retained for as long as either of the relevant user accounts exist.
The device information will only be kept for as long as necessary to achieve the purposes as described above, after which the information will be anonymized or permanently removed.
We will delete or de-identify your personal data when it is no longer needed for the purposes described above or when the retention period has ended. However, we cannot delete your personal data if there is a regulatory or court or administrative order preventing us from doing so.
The security and confidentiality of all data we process is very important to us. Therefore, we have taken steps to ensure that all personal data we process is kept secure. We have taken measures, including technical and organizational measures to protect our infrastructure, systems, applications and processes, such as the implementation of internal policies and guidelines, the limitation of processing to the personal data necessary to achieve the purposes, transparency regarding the purposes and processing of personal data, and the limitation of access to personal data to those who need access based on their role.
Under the General Data Protection Regulation, you have the right to exercise certain rights. Please note that we are generally unable to verify your identity due the specific design of the applications and in light of the security measures taken. We may therefore be unable to fulfill your requests. Nonetheless, you are allowed to share additional information with us to enable identification and fulfilment of your requests, where you deem this appropriate.
You have the right to request access to all personal data processed by us insofar as it pertains to you. You can exercise this right by contacting us as set out below. We reserve the right to refuse multiple requests for access that are clearly submitted for causing nuisance or harm to us or others.
You have the right to ask that any personal data about you which are inaccurate, are corrected free of charge. If a request for correction is submitted, such request must be accompanied by proof of the flawed nature of the data for which correction is asked.
You have the right to request that personal data about you be deleted if they are no longer required in light of the purposes outlined above. However, you need to keep in mind that a deletion request will be evaluated by us against:
In addition, you are free to delete your data at any time through the application by following the necessary instructions in your settings.
Instead of deletion, you can also ask that we limit the processing of your personal data if and when (a) you contest the accuracy of that data, (b) the processing is illegitimate or (c) the data are no longer needed for the purposes which are outlined above, but you need them to defend yourself in judicial proceedings.
You have the right to withdraw your consent that was earlier given for the processing of your personal data at any time.
You have the right to object to the processing of personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.
Where the purposes identified above rely on your consent or a (pre-)contractual obligation, you have the right to receive a copy from us, in a structured, commonly used, and machine-readable format, of any personal data you have provided to us.
Each request addressed to us can be sent via e-mail to privacy@m-path.io.
An e-mail requesting to exercise a right will not be construed as consent for the processing of your personal data beyond what is required for handling your request. Such requests should clearly state and specify which right you wish to exercise and the reasons for it if such is required. It should also be dated and signed, and – in general – be accompanied by a digitally scanned copy of your valid identity card proving your identity.
We will promptly inform you of having received this request. If the request proves valid, we will notify you as soon as reasonably possible and at the latest thirty (30) days after having received the request.
If you have a complaint about the processing of your personal data by us, you can always contact us at privacy@m-path.io. If you are not satisfied with our response, you may lodge a complaint with the competent data protection authority, being the data protection authority of the country of your habitual place of residence, place of work or the place of an alleged infringement.
We can change this privacy statement on our own initiative, from time to time. If material changes to this privacy statement affect the processing of your personal data, we will communicate these changes in a way that we normally communicate with you (e.g., by notification on the application or via e-mail).
We invite you to read the latest version of this privacy statement on our website https://m-path.io/LegalPage/legal.html.
We attach great importance to the security and confidentiality of your personal data. This privacy statement applies to all users of the m-Path dashboard. It outlines the collection and processing of your personal data when registering and using the m-Path Dashboard and related services.
For any questions regarding the processing of personal data under this privacy statement, you can contact us via e-mail at privacy@m-path.io.
This privacy statement applies to the collection and processing of your personal data we carry out when you use the m-Path dashboard in your capacity as a user. The m-Path dashboard is a web-based platform that is accessible via het www.m-path.io website by logging in.
As a user, you are either
m-Path is the responsible party for the processing of your personal data as explained in this privacy statement. We refer to m-Path in this privacy statement as “m-Path”, “we”, “us”, “our”.
Our details are:
Name: m-Path Software
Address: Diestsesteenweg 327, 3010 Leuven, Belgium
Company number: 1010.164.730
E-mail: privacy@m-path.io
The users of the dashboard are either practitioners providing services to their clients or researchers who send out questionnaires to research participants.
By using the dashboard:
Both practitioners and researchers can use the dashboard to collect data about and from their respective clients and research participants by creating questionnaires. Those questionnaires are shared from the m-Path dashboard to the m-Path application.
However, in the provision of the m-Path dashboard, we also need to collect and process some information on the practitioners and researchers themselves. These personal data can be divided into the following categories of personal data:
This refers to identifying information which is asked to the user upon registering on the dashboard and related services, such as the names, e-mail address and affiliation.
This refers to the specific code, serving as the public facing user ID for the practitioner and researcher, which is automatically assigned to it when creating an account. This code is a unique and unalterable identifier related to the account that is shown to other users of the platform (dashboard users as well as app users) when interacting with them.
This refers to the specific number, serving as the internal user ID for the practitioner and researcher, which is automatically assigned to it when creating an account. This number is used to identify the user on the dashboard and services.
This refers to the numbers that are generated when the practitioner or researcher establishes a connection with their client or participant. This number is used to refer to the specific connection.
When you conclude an agreement with us for a paid subscription, we may process relevant financial information to ensure that payments can be handled properly.
This information refers, among others, to the IP addresses involved when using the dashboard and services, the type and operating system of the devices accessing the dashboard and services, the version of the dashboard and services the user is using, information on the use of the dashboard and services, information on technical issues of the dashboard and services.
Please consider that the data named above does never include the answers to the questionnaires.
We collect and process your personal data for the following purposes
We collect and process your personal data to be able to provide the agreed services on the dashboard and related services. This includes the generation of accounts, the ability to make and send out questionnaires and the ability to manage information on the m-Path dashboard. For this purpose, we process your user identification information, connection codes and device information.
To collect and process this personal data, we base ourselves on the agreement we conclude with you when you create your account and first access the m-Path dashboard.
When you subscribe to specific functionalities of the m-Path dashboard, we may require you to pay for such services. For this processing purpose, we will process your user identification information, where you directly subscribe to such services as a natural person, as well as your payment information.
To collect and process this personal data, we base ourselves on the agreement we conclude with you when you subscribe to the specific subscription services.
We collect and process personal data to enhance the quality of the dashboard and related services. More specifically, device information is utilized to analyze service usage patterns, identify preferences, and detect areas for potential improvements. For this purpose, we process your device information. Such processing is instrumental in developing new features, enhancing user interfaces, and ensuring the overall effectiveness of the services.
To collect and process your personal data for this purpose, we base ourselves on our legitimate interest to ensure the proper functioning of our dashboard and related services.
We may send you direct marketing communications relating to the m-Path services using your e-mail address.
Where you are an existing customer of m-Path, these communications will be sent you to on the basis of our legitimate interest to keep you informed in relation to new products and services offered by m-Path, as well as to tell you about potential new service offerings.
You may also opt-in to receiving such communications. In that case, we base ourselves on your consent to receive such communications. This consent can be managed on the m-Path dashboard under the relevant settings.
Please note that you are always able to opt-out from receiving such communication by sending us and e-mail or by clicking the unsubscribe link at the bottom of the communications.
We collect and process personal data to ensure that the dashboard and related services are used in a manner that complies with applicable laws and regulations and to prevent abuse and fraud. For this purpose, device information is collected and processed from the users of the dashboard and related services. However, if any issues are found in this processing, we may additionally process your user identification information.
To collect act process your personal data for this purpose, we base ourselves on our legitimate interest to ensure the safety and security of the dashboard and related services.
To defend ourselves in legal proceedings, we may process any of the personal data named above.
For this processing purpose, we base ourselves on our legitimate interest to exercise our rights of defense in case of legal proceedings.
To comply with our legal obligations or any reasonable request from competent police authorities, judicial authorities, government agencies or bodies, including competent data protection authorities.
For this processing purpose, we base ourselves on our applicable legal obligation.
In principle, we do not share your personal data with anyone other than the people who work for us or are otherwise engaged by us. This means that only the following categories of recipients will receive your personal data named:
To the extent required, anyone who has access to your personal data will always be bound by strict legal or contractual obligations to keep your personal data safe and confidential.
Please note that we may also share your practitioner/researcher code and names with the client or research participant, or other researchers connected to the application, if you use the dashboard in a way that requires it.
As a principle, we do not transfer your personal data outside the European Economic Area (the European Economic Area includes the countries of the European Union, Liechtenstein, Norway and Iceland). If a transfer takes place, we will take appropriate safeguards to protect your personal data as required under the applicable data protection legislation.
The user identification information is linked to the account of the user and will be retained until the user modifies or decides to remove his or her account. The connection codes are permanent and immutable. These codes will be retained for as long as the user account exist.
The device information will only be kept for as long as necessary to achieve the purposes as described above, after which the information will be anonymized or permanently removed.
Your payment information will be retained for the duration of our contractual relationship and ten (10) years thereafter.
We will delete or de-identify your personal data when it is no longer needed for the purposes described above or when the retention period has ended. However, we cannot delete your personal data if there is a regulatory or court or administrative order preventing us from doing so.
The security and confidentiality of all data we process is very important to us. Therefore, we have taken steps to ensure that all personal data we process is kept secure. We have taken measures, including technical and organizational measures to protect our infrastructure, systems, applications and processes, such as the implementation of internal policies and guidelines, the limitation of processing to the personal data necessary to achieve the purposes, transparency regarding the purposes and processing of personal data, and the limitation of access to personal data to those who need access based on their role.
You have the right to request access to all personal data processed by us insofar as it pertains to you. You can exercise this right by contacting us as set out below. We reserve the right to refuse multiple requests for access that are clearly submitted for causing nuisance or harm to us or others.
You have the right to ask that any personal data about you which are inaccurate, are corrected free of charge. If a request for correction is submitted, such request must be accompanied by proof of the flawed nature of the data for which correction is asked.
You have the right to request that personal data about you be deleted if they are no longer required in light of the purposes outlined above. However, you need to keep in mind that a deletion request will be evaluated by us against:
Instead of deletion, you can also ask that we limit the processing of your personal data if and when (a) you contest the accuracy of that data, (b) the processing is illegitimate or (c) the data are no longer needed for the purposes which are outlined above, but you need them to defend yourself in judicial proceedings.
You have the right to withdraw your consent that was earlier given for the processing of your personal data at any time.
You have the right to object to the processing of personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.
Where the purposes identified above rely on your consent or a (pre-)contractual obligation, you have the right to receive a copy from us, in a structured, commonly used, and machine-readable format, of any personal data you have provided to us.
Each request addressed to us can be sent via e-mail to privacy@m-path.io.
An e-mail requesting to exercise a right will not be construed as consent for the processing of your personal data beyond what is required for handling your request. Such requests should clearly state and specify which right you wish to exercise and the reasons for it if such is required. It should also be dated and signed, and – in general – be accompanied by a digitally scanned copy of your valid identity card proving your identity.
We will promptly inform you of having received this request. If the request proves valid, we will notify you as soon as reasonably possible and at the latest thirty (30) days after having received the request.
If you have a complaint about the processing of your personal data by us, you can always contact us at privacy@m-path.io. If you are not satisfied with our response, you may lodge a complaint with the competent data protection authority, being the data protection authority of the country of your habitual place of residence, place of work or the place of an alleged infringement.
We can change this privacy statement on our own initiative, from time to time. If material changes to this privacy statement affect the processing of your personal data, we will communicate these changes in a way that we normally communicate with you (e.g., by notification on the dashboard or via e-mail).
We invite you to read the latest version of this privacy statement on our website https://m-path.io/LegalPage/legal.html.
Use m-Path in different settings:
