ACE Health is a trading name of GroupNos Technologies Ltd. and operates the OpenFIT product ('we', 'us', 'our'). This Privacy Policy below outlines our privacy policy for organisations who are customers of the OpenFIT system.

OpenFIT Privacy Policy for Healthcare & Social Care Providers, Payors, and Their Employees

Effective date: 16th July 2023

​​ This privacy notice is for people who use this OpenFIT website and for people who we communicate with for marketing purposes. 

We respect your privacy and will treat your data in accordance with the EU General Data Protection Regulation, the Data Protection Act 2018 and other applicable data protection and e-privacy law.

When we collect or use your data, GroupNos Technologies (the owner of OpenFIT) is the “data controller”, which means we decide how and why your data is processed. Our contact details are listed at the bottom of this notice.
There is a separate privacy statement for people who use the OpenFIT platform and programs.

Introduction: OpenFIT understands the importance of privacy for our partner health and social care provider organizations, payors, and their employees who use our software. This Privacy Policy outlines our commitment to safeguarding the data shared with us.

Compliance with Regulations: Our operations strictly adhere to all local and international data protection laws, regulations, and best practices. This includes but is not limited to the General Data Protection Regulation (GDPR) (EU) 2016/679, Data Protection Act 2018, Personal Information Protection and Electronic Documents Act (PIPEDA), Privacy Act 1988 (Cth), Health Information Privacy Code 1994 under the Privacy Act 2020, Danish Data Protection Act (Act on Processing of Personal Data), Patient Data Act (Patientdatalagen, PDL), Health Personnel Act (Helsepersonelloven), and other relevant legislations.

Processing & Protection of Personal Data: When processing personal, health, and social care data, we always uphold the highest standards of data protection. We recognize the responsibilities of both parties concerning protected data. OpenFIT commits to facilitating the rights of data subjects under applicable data protection laws. This includes rights to access, correction, deletion, portability, and objection. We emphasize the principle of data minimization, processing only the minimum necessary protected data required for the purpose it was collected. It is retained only for as long as necessary or as required by law. After which, the data is securely deleted or anonymized.

International Data Transfers: Given our global operations, data may occasionally be transferred across international borders. We guarantee that such transfers comply with all applicable data protection laws, ensuring appropriate safeguards. Breach Notification: We prioritize data security. In the unlikely event of a breach or suspected breach, we will promptly notify affected parties and collaborate to investigate and respond in accordance with applicable laws.

Data Rights for Employees of Providers & Payors: Employees of our partner organizations, as end users of our software, have specific rights related to their personal data. These rights can be exercised at any point, and OpenFIT is dedicated to facilitating these rights in accordance with relevant laws.

Third-party Sharing: Data is a critical asset, and its sanctity is of paramount importance. Any sharing of data with third parties, if required for operational purposes, will always be under conditions that mandate the same high standards of data protection.

Feedback & Queries: We continually strive to maintain the trust placed in us. For feedback, inquiries, or to exercise data-related rights, please contact our data protection officer at dpo@openfit.care