Privacy Policy of Ugani uFit
Version: 1.0
Effective Date: 01/01/2025
Controller: Ugani Prosthetics BV, Belgium
Contact Email: privacy@ugani.org
Website: www.ugani.org
1. Introduction
This privacy policy describes how Ugani Prosthetics BV (hereafter "Ugani", "we", or "us") processes your personal data when you use the Ugani uFit application ("uFit"). uFit is a medical software solution for certified prosthetists and orthotists to manage, design, and produce patient-specific prosthetic and orthotic devices.
Ugani processes personal and medical data in full compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the requirements of the Apple App Store.
2. Who is responsible for processing your data?
Data Controller:
Ugani Prosthetics BV
Sluisstraat 79
3000 Leuven
Belgium
Email: privacy@ugani.org
3. Which personal data do we collect and why?
Ugani collects and processes the following categories of data:
-
User Data: name, email address, professional affiliation
-
Patient Data: pseudonymised or anonymised biometric measurements, notes relevant to prosthetic or orthotic device fabrication
-
Usage Data: logs, system diagnostics, crash reports, and user preferences
We process this data to:
-
Enable core functionality of the app
-
Improve user experience and app performance
-
Support technical troubleshooting
-
Comply with medical and regulatory standards
4. On what legal basis is your data processed?
We rely on the following GDPR legal bases:
-
Performance of a contract (Article 6(1)(b)): for user access and design functionality
-
Legal obligation (Article 6(1)(c)): where required by medical device regulations
-
Legitimate interest (Article 6(1)(f)): for service improvements
-
Consent (Article 6(1)(a)): when explicit consent is required, especially for sensitive medical data
5. Hosting and transfer of data
Data is hosted on secure servers within the European Union. In some cases, data may be processed on servers outside the EU in jurisdictions that provide adequate protection (Art. 45 GDPR) or under Standard Contractual Clauses (Art. 46 GDPR).
All data transfers are governed by appropriate Data Processing Agreements (DPAs). Our cloud infrastructure providers are fully compliant with GDPR.
6. How is your data protected?
We implement technical and organisational measures including:
-
End-to-end encryption (TLS)
-
Access control and authentication
-
Role-based permissions
-
Secure data backups
-
Logging and audit trails
Medical data is stored and processed with enhanced security safeguards in line with EU MDR and GDPR requirements.
7. Retention period
We store personal and patient data for the duration necessary to fulfill the purposes described above and to comply with legal and regulatory obligations. Upon request, users may ask for earlier deletion unless longer retention is legally required.
8. Third-party access
We do not sell or share data with third parties for marketing purposes. Access to data is strictly limited to:
-
Technical service providers (under DPA)
-
Legal and regulatory authorities (if required by law)
9. Your rights under GDPR
You have the right to:
-
Access your data (Art. 15 GDPR)
-
Rectify incorrect data (Art. 16 GDPR)
-
Request erasure (Art. 17 GDPR)
-
Restrict or object to processing (Art. 18 & 21 GDPR)
-
Data portability (Art. 20 GDPR)
-
Withdraw consent at any time (Art. 7(3) GDPR)
To exercise these rights, contact: privacy@ugani.org
10. Informed consent for medical data
Healthcare professionals using uFit are responsible for obtaining legally valid informed consent from patients before entering any medical data into the app. uFit provides features to support pseudonymisation and consent tracking.
11. Updates to this privacy policy
We reserve the right to update this privacy policy to reflect changes in our practices or legal requirements. Users will be notified via the app or email in case of significant changes.
Contact Information:
Ugani Prosthetics BV
Email: privacy@ugani.org
Website: www.ugani.org
This policy was last updated on 25/06/2025.