This is the in-app privacy policy for the “Nutri-IBD” app (the “app” or “application”), developed
by the Weizmann Institute of Science (“Weizmann”). This in-app privacy disclosure explains which personal data the application collects, the purpose
of collecting the data, how we handle the data, including how your data is collected, accessed,
used, shared and stored. Users of this application are participants in clinical research into
Crohn’s Disease, led by the Weizmann Institute of Science (“Weizmann”) in Israel, in
collaboration with several medical institutions globally (the “Study”). Weizmann is the
controller of the personal data in the application (the “Data”).
1. WHAT IS THE PURPOSE AND LEGAL BASIS OF THE DATA COLLECTION BY THE APP?
This Data is collected for the purpose of the Study, or future studies, including for improvement
of the application. The Data is collected based on the General Data Protection Regulation
Article 9(2)(j) legal basis of Weizmann’s conducting scientific research.
2. WHICH DATA DOES THE APPLICATION COLLECT AND TRANSMIT?
This application collects personal data submitted by the user. This includes sensitive personal
data. The Data collected is: fecal details (stool characteristics), food intake diary frequency,
symptoms, days the user calls in sick, sleep diary, physical activity, medication and food
supplement intake frequency and stress level.
3. HOW IS THE DATA USED?
The Data will be used to advance scientific and clinical research in the Study, as well as for
medical treatment. It may also be used to improve the application as part of the Study or other
future studies. Data provided through the application will be associated with other data
provided by Study participants through other means. The Data will be analyzed by researchers.
4. HOW THE APPLICATION COLLECTS PERSONAL DATA ON USERS
This application collects data from your inputting the Data into the application (self-reporting).
App usage data will be collected automatically.
5. SHARING DATA WITH THIRD PARTIES
Data input through the application is pseudonymized, and may be shared with your local health
center physician and team, and with Study researchers, all in accordance with the terms of the
Study protocol and your consent. Re-identification is possible only at the user participant’s local
health treatment center. Data may be processed by sub-processors of Weizmann, but is not
otherwise shared with any third parties.
6. WHERE DO WE STORE YOUR DATA? HOW LONG DO WE RETAIN IT?
We store your Data on secure servers located in Israel. Your Data is encrypted and strictly
access-controlled. Data will be retained for 15 years for research purposes.
7. INTERNATIONAL DATA TRANSFERS
Your Data will be sent by the application to Israel. Israel has been recognized by the EU
Commission as adequate for data protection purposes.
8. SECURITY AND STORAGE OF INFORMATION
The Data is transferred in pseudonymized form to servers in Weizmann and is subject to
technical and organizational security measures, including: access limitation, password
protected access, access logging, confidentiality, firewall, encryption
9. DATA SUBJECT RIGHTS, GENERAL
If your Data is governed by GDPR or other applicable law, you have data subject rights, such as
the right to erasure, right to rectification, right to portability, and other such rights. For more
details and to exercise your rights, visit
https://www.weizmann.ac.il/pages/privacy-policy
There you can also find a full data protection notice and policy, to which this notice is subject.
You have a right to lodge a complaint with a supervisory authority. You may contact our data
protection officer at: dpo@weizmann.ac.il.