GDPR Compliance

Overview

Cerebric diligently adheres to GDPR regulations, safeguarding your personal data with strict protocols and robust security measures, reinforcing trust and accountability in our operations.

Lawfulness, Fairness, and Transparency

Status: Fully compliant

We process all personal data lawfully, fairly, and in a transparent manner in relation to the data subject.

Data Minimization

Status: Implemented by design

We only collect and process the minimum amount of personal data necessary for our specified purposes, ensuring privacy protection from the ground up.

Consent

Status: Supported and documented

Consent is important, and we support clinicians in getting clear agreement from patients before using Cerebric in a consultation. That's part of the normal clinical process. From a data protection perspective, Cerebric doesn't rely on consent under GDPR. Instead, we process data on the controller's instructions, under Article 6(1)(e) (public task) or Article 6(1)(f) (legitimate interests), and Article 9(2)(h) for health data.

Rights of the Data Subject

Status: Fully supported

We fully support the rights of individuals under GDPR, including the right to access, correct, delete, and restrict processing of their data, the right to data portability, and the right to object.

Data Protection by Design and by Default

Status: Embedded in our architecture

We implement appropriate technical and organizational measures that ensure and demonstrate that we process personal data in compliance with GDPR. This includes measures to protect data against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

Data Transfer

Status: EU/EEA restricted

We ensure your data remains within the EU/EEA and is protected in accordance with GDPR requirements.

Data Breach Notification

Status: 72-hour notification process

We have established procedures to detect, report, and investigate personal data breaches, ensuring notification to supervisory authorities within 72 hours where feasible.

Data Protection Officer (DPO)

Status: Designated and accessible

We have appointed a qualified Data Protection Officer who oversees our data protection strategy and ensures compliance with GDPR requirements.

Contact Information

For questions about our GDPR compliance or to exercise your data subject rights, please contact us at:

Email: support@cerebric.io

We are committed to maintaining the highest standards of data protection and privacy for all users of our platform.