Privacy Policy

Privacy Policy of Ugani uFit

Version: 1.0
Effective Date: 01/01/2025
Controller: Ugani Prosthetics BV, Belgium
Contact Email: privacy@ugani.org
Website: www.ugani.org

1. Introduction

This privacy policy describes how Ugani Prosthetics BV (hereafter "Ugani", "we", or "us") processes your personal data when you use the Ugani uFit application ("uFit"). uFit is a medical software solution for certified prosthetists and orthotists to manage, design, and produce patient-specific prosthetic and orthotic devices.

Ugani processes personal and medical data in full compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the requirements of the Apple App Store.

2. Who is responsible for processing your data?

Data Controller:
Ugani Prosthetics BV
Sluisstraat 79
3000 Leuven
Belgium
Email: privacy@ugani.org

3. Which personal data do we collect and why?

Ugani collects and processes the following categories of data:

User Data: name, email address, professional affiliation
Patient Data: pseudonymised or anonymised biometric measurements, notes relevant to prosthetic or orthotic device fabrication
Usage Data: logs, system diagnostics, crash reports, and user preferences

We process this data to:

Enable core functionality of the app
Improve user experience and app performance
Support technical troubleshooting
Comply with medical and regulatory standards

4. On what legal basis is your data processed?

We rely on the following GDPR legal bases:

Performance of a contract (Article 6(1)(b)): for user access and design functionality
Legal obligation (Article 6(1)(c)): where required by medical device regulations
Legitimate interest (Article 6(1)(f)): for service improvements
Consent (Article 6(1)(a)): when explicit consent is required, especially for sensitive medical data

5. Hosting and transfer of data

Data is hosted on secure servers within the European Union. In some cases, data may be processed on servers outside the EU in jurisdictions that provide adequate protection (Art. 45 GDPR) or under Standard Contractual Clauses (Art. 46 GDPR).

All data transfers are governed by appropriate Data Processing Agreements (DPAs). Our cloud infrastructure providers are fully compliant with GDPR.

6. How is your data protected?

We implement technical and organisational measures including:

End-to-end encryption (TLS)
Access control and authentication
Role-based permissions
Secure data backups
Logging and audit trails

Medical data is stored and processed with enhanced security safeguards in line with EU MDR and GDPR requirements.

7. Retention period

We store personal and patient data for the duration necessary to fulfill the purposes described above and to comply with legal and regulatory obligations. Upon request, users may ask for earlier deletion unless longer retention is legally required.

8. Third-party access

We do not sell or share data with third parties for marketing purposes. Access to data is strictly limited to:

Technical service providers (under DPA)
Legal and regulatory authorities (if required by law)

9. Your rights under GDPR

You have the right to:

Access your data (Art. 15 GDPR)
Rectify incorrect data (Art. 16 GDPR)
Request erasure (Art. 17 GDPR)
Restrict or object to processing (Art. 18 & 21 GDPR)
Data portability (Art. 20 GDPR)
Withdraw consent at any time (Art. 7(3) GDPR)

To exercise these rights, contact: privacy@ugani.org

10. Informed consent for medical data

Healthcare professionals using uFit are responsible for obtaining legally valid informed consent from patients before entering any medical data into the app. uFit provides features to support pseudonymisation and consent tracking.

11. Updates to this privacy policy

We reserve the right to update this privacy policy to reflect changes in our practices or legal requirements. Users will be notified via the app or email in case of significant changes.

Contact Information:
Ugani Prosthetics BV
Email: privacy@ugani.org
Website: www.ugani.org

This policy was last updated on 25/06/2025.