
Data privacy statement for the UNITY Platform and the UNITY Outcome Application

Data Privacy Policy for RAYLYTIC Software GmbH

1. General Information

This data privacy statement applies to all data processed by RAYLYTIC related to the UNITY Platform - including the UNITY Outcome application. For data processed by our website and by administrative systems used for business and contractual relationships, please refer to our data privacy policy on our website (https://raylytic.com).

Responsible party

RAYLYTIC Software GmbH (hereafter RAYLYTIC)
Gottschedstraße 4
04109 Leipzig, Germany
Email: support@raylytic.com

Data Privacy Officer

N. Spuling
RAYLYTIC Software GmbH
Gottschedstraße 4
04109 Leipzig
Email: datenschutz@raylytic.com

Goal and Scope

This data privacy statement provides information according to Art. 13 and 14 of the General Data Protection Regulation (GDPR) about the processing of personal data by RAYLYTIC related to the use of the UNITY Platform, its modules, and the relevant rights of affected persons. Our goal is to guarantee transparency in regards to data processing and ensure the protection of sensitive (in particular, health-related) data. We strictly abide by the requirements of the GDPR and additional relevant data protection laws.

2. Technical Infrastructure, Certifications, and Security Measures of the UNITY Platform

This section is particularly aimed at data protection officers, IT managers, and departments that place special emphasis on the technical framework conditions.

2.1 Certifications and server locations

RAYLYTIC as well as the relevant processes for the development and service provisioning of the UNITY Outcome application are subject to strict certifications and comply with the following standards and regulations:

Regarding our computing centers, among others:

  • ISO 27001, ISO 27017, ISO 27018

  • SOC Type 2

  • HIPAA & HITECH

  • C5

Regarding our processes, software development, and service provisioning, with annual certification by an independent authority:

  • ISO 27001 (Information Security Management System)

  • ISO 13485 (Quality Management System for Medical Products and Medical Software)

Additionally, we demonstrate conformity with the following through internal evaluation:

  • ISO 14155 (Requirements for software and processes for conducting clinical evaluations of medical products / GCP)

  • 21CFR Part 11 (Requirements for electronic record keeping and digital signatures in electronic systems according to FDA 21 CFR Part 11)

Server locations and computing center operators:

  • All data of European customers are saved in computing centers within the EU.

  • Backups of the UNITY Platform are conducted within an encrypted computing center in Germany as well as in a secondary encrypted computing center in France.

  • Our partners in computing center operation have their business domicile located within the EU and fulfill all data protection and legal requirements for the processing of health data according to current legislation. Contracts with our computing center operators have been concluded according to Art. 28 GDPR.

2.2 System separation and network segmentation

Separation via VLANs and physical separation
  • Our systems are isolated from one another by VLAN-based network segmentation. This method separates the physical network into multiple logically separated segments (broadcast domains), which prevents unauthorized access across system boundaries.

  • The office infrastructure is separated from our server infrastructure both physically and by network segmentation.

Separated system environments
  • Four separated environments exist for the UNITY Platform and its included modules:

    • Development: For the implementation and testing of new functions.

    • Test/QA: For quality assurance and function testing.

    • Demo: For training and sales purposes.

    • Production: For live operations and use.

This separation of the systems into dedicated VLAN areas makes unauthorized access to one environment, and spillover into other environments, more difficult.

2.3 Protection of sensitive patient-identifying data

Pseudonymization

Health data are saved in a pseudonymized manner in the UNITY Platform by default. The pseudonym is assigned by the appropriate treatment facility (e.g., doctor, clinic, clinical site). The relationship between the pseudonym and the patient is therefore only known to the treatment facility, meaning that neither RAYLYTIC nor third parties can make any inferences as to the identity of a patient.

Separation of patient-identifying data and health data
  • For traceability using a patient name and for sending e-mails to patients, there is the option to save patient names, e-mails, and telephone numbers within the UNITY Platform. The availability of these optional fields for users can be set by either the clinical facility or by RAYLYTIC.

  • These optional identification data are separated from health data in UNITY using additional, strong, AES-based “Field Level Encryption.”

  • Even in the event of unauthorized access to the production database or the transfer of the database to other instances—which are each stored on encrypted storage devices—these sensitive features remain protected by encryption and are not readable in plain text, which significantly hinders access to them even if the database is accessed without authorization.

E-mail communication between clinic and patient
  • If the UNITY function is used for communication between the clinic and the patient via email, the email server of the respective treating institution is used. This ensures that no data (emails, log files) is generated on systems of RAYLYTIC Software GmbH and that patients can recognize the potentially familiar sender of their treating clinic.

  • For this purpose, UNITY securely stores the login credentials for sending emails via a dedicated mailbox on the clinic's email server in encrypted form.

Medical device status of the UNITY Outcome application
  • The UNITY Outcome application is a Class I medical device. This ensures that the collection, processing, and saving of health data are sufficient to fulfill the regulatory requirements for medical devices of this class. Patient-identifying data are therefore exclusively to be accessed by clinical users (e.g., the physician) within the clinic, provided that the clinic captures these data.

2.4 Additional technical security measures

Access and encryption protection

  • In addition to HTTPS/SSL/TLS (at least Version 1.2) for data transfer, additional measures such as firewalls, VPN, two-factor authentication (2FA) for administrative access, and regular security updates are also used. All storage devices of the servers, employee PCs, and laptops are encrypted.

Access limitation and monitoring
  • The UNITY platform uses a granular access rights and permissions system. Permissions can be assigned either by RAYLYTIC (provided the purchase order foresees this) or by authorized users on the customer’s end (clinic, sponsor). Simultaneously, all security-relevant activities (audit logs) are documented seamlessly.

Separate Logging:
  • Audit logs for tracking security-relevant actions and technical system logs (for error diagnosis and performance monitoring) are maintained separately. System logs do not contain any personal data. Audit logs do not contain data that allows the identification of patients (though they may contain references to patient pseudonyms).

3. Audience-Specific Sections

Specific information on data processing for the respective stakeholders can be found below. In general, the following applies: Personal data are only stored for as long as necessary to fulfill the respective purpose or as required by statutory retention obligations (e.g., under commercial, tax, or medical device law). Once the purpose has been fulfilled or the retention periods have expired, the data are routinely deleted or anonymized.

3.1 For patients

Collection and processing of health data
  • Pseudonymized processing: Health data are collected via the UNITY Outcome application on behalf of the treatment facility (e.g., clinic, clinical study center) using electronic questionnaires. These data are processed in a pseudonymized manner by default. That is, RAYLYTIC cannot infer any information about the identity of a patient without additional information provided by the clinic.

  • Consent and responsibility of the clinic: Your participation in surveys and the processing of your health data occur with your express consent (Legal basis Art. 9, Para. 2 lit. a GDPR) that you give to the treatment provider (doctor, clinic, clinical study site). This entity is responsible for gathering your consent and providing relevant information about the kind, scope, and purpose of the data collection.

  • Optional Identification Data: Insofar as your treatment provider plans to collect your name, e-mail address or telephone number in the UNITY platform (e.g., for simplified communication and organization), they will provide you with the relevant information and gather your consent (Legal basis Art. 6, Para. 1 lit. a GDPR). These data, as described in Section 2.3, are encrypted and saved in such a way that they are particularly safe, even from access by RAYLYTIC itself.

  • RAYLYTIC as order processor: RAYLYTIC processes your data only within and according to the order agreement with the treatment provider (Art. 28 GDPR).

  • Storage period: The storage period of your data is determined by the treatment provider, depending on the purpose of collecting the data (e.g., for the length of a study or for the course of a treatment) and in compliance with legal storage periods.

Rights of affected persons:

  • Your rights as an affected person are detailed in section 4.

  • Since RAYLYTIC processes your data only in pseudonymized form and cannot identify you personally, we kindly ask you to exercise your rights (access, rectification, deletion, etc.) directly with your treating institution (physician, clinic, or study center). Your treating institution will evaluate your concern and prompt the necessary steps (e.g., data correction, deletion, providing information about the data saved in UNITY).

3.2 For clinical users (Doctors, hospital staff)

User account and access management:
  • Necessary data: When creating an account for the UNITY Platform, your name, title (if applicable), job title, e-mail address, telephone number, and the role of your organization (clinic, practice, sponsor) will be gathered.

  • Purpose and legal basis: We use these data for creating and managing your user account, for authentication, for guaranteeing system security, and for communication related to the use of the platform. The legal basis is the fulfillment of the user agreement between your institution and RAYLYTIC (Art. 6(1)(b) GDPR), as well as our legitimate interest in the secure and efficient administration of user accounts (Art. 6(1)(f) GDPR).

  • Storage period: The data of your user account will be stored as long as your account is active and/or the contract with your institution is in effect, unless longer statutory retention periods apply.

  • Permissions and access rights system: The permissions for the individual user roles and users are set to default settings upon delivery. Customers (e.g., clinics, study sponsors) are responsible for reviewing the permission distribution for each role, adjusting it if necessary, and particularly ensuring that administrative permissions are carefully assigned to specific roles and users in accordance with internal guidelines and requirements.

Recording of log data and metadata:
  • Audit logs: These capture actions such as logins, data changes, and permission changes in order to guarantee traceability and security. These logs can contain user IDs.

  • System logs: These record technical parameters such as errors, execution times, and program executions for the purpose of error analysis and performance optimization. They do not contain personal data.

  • Purpose and legal basis: We process audit logs to ensure security, traceability, and compliance with regulatory requirements (legal basis: Art. 6(1)(c) GDPR in conjunction with potentially specific regulations such as those from medical device law, GCP, and/or Art. 6(1)(f) GDPR - legitimate interest in system security and traceability). We process system logs for error analysis and platform optimization (legal basis: Art. 6(1)(f) GDPR - legitimate interest in stable and efficient operation).

  • Storage period: Log data are saved in accordance with the pertinent security and traceability requirements as well as in accordance with legal requirements and are subsequently deleted or anonymized.

Data transfer and special considerations for radiographic data:
  • Data transfer occurs using modern encryption procedures (see Section 2.4).

  • When transmitting radiological images to the UNITY platform (UNITY Image Manager), patient-identifying metadata are automatically removed in the browser of the providing clinic before transmission and only selected, essential technical information for processing is added back.

  • Assigning imaging data to patients occurs exclusively through the respective institution using patient pseudonyms.

  • The UNITY Platform provides tools that allow physicians to generate and document proof of anonymization of imaging data.

3.3 For business partners and sponsors of clinical evaluations and studies

For data that are saved outside of our UNITY Platform, please refer to our data protection statement at: https://raylytic.com/ . For data that are saved within the UNITY Platform, the same remarks apply as described in Section 3.2, with the following specifications:

  • Access to patient data: Sponsors of clinical evaluations have access to pseudonymized patient data (given the appropriate permissions). In contrast to the respective clinical institution, sponsors are unable to access additional saved, patient-identifying data. Therefore, the identity of patients is protected from access by study sponsors.

  • Study documents: It is possible for sponsors to save study documents, protocols, forms, and similar files and to share these with study participants. This functionality is optional, and which content is shared is within the discretion of the sponsor.

4. Rights of Data Subjects

As a person affected by data processing, you have the following rights:

  • Right of access (Art. 15 GDPR): You have the right to obtain information about the personal data we store about you.

  • Right to rectification (Art. 16 GDPR): You may request the correction of inaccurate data.

  • Right to erasure (“right to be forgotten”) (Art. 17 GDPR): You may request the deletion of your data, unless legal obligations (e.g., statutory retention requirements) prevent this.

  • Right to restriction of processing (Art. 18 GDPR): Under certain conditions, you may request that the processing of your data be restricted.

  • Right to object (Art. 21 GDPR): You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on Art. 6(1)(e) or (f) GDPR. You may object to direct marketing at any time without providing reasons.

  • Right to data portability (Art. 20 GDPR): You have the right to receive the data you have provided to us in a commonly used, structured, and machine-readable format, or to request that it be transmitted to another controller, where processing is based on your consent or a contract and carried out by automated means.

  • Right to withdraw consent (Art. 7(3) GDPR): Any consent you have given (e.g., for marketing or the processing of optional patient data) can be withdrawn at any time with future effect. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR): Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State of your residence, workplace, or the place of the alleged infringement, if you believe that the processing of your personal data violates the GDPR. The supervisory authority responsible for us is generally the Saxon Data Protection Commissioner (Sächsischer Datenschutzbeauftragter).

5. Glossary - Definition of terms

Personal Data: Information relating to an identified or identifiable natural person (e.g., name, email address, user ID, IP address).

Health Data: Personal data related to the physical or mental health of a natural person, including the provision of healthcare services, from which information about that person’s health status can be derived (a special category of data under Art. 9 GDPR).

Pseudonymization: A process by which personal data is processed in such a way that it can no longer be attributed to a specific data subject without the use of additional information. In the context of UNITY, the treating institution typically maintains a separate, confidential list linking pseudonyms (e.g., patient numbers) to identity data, so that re-identification is only possible by the treating institution.

User Account: An account assigned to users and patients within the platform.

Audit Logs: Log files that record security-relevant activities (e.g., logins, changes to permissions), as well as data changes and deletions, in order to ensure traceability and security.

System Logs: Technical log files documenting internal system events such as errors, execution times, and program operations, used for diagnosis and optimization.

Field-Level Encryption: A method of encrypting individual database fields to ensure that sensitive information stored within them (e.g., optional patient-identifying data) remains unreadable in plain text, even in the event of unauthorized access to the database.

Technical and Organizational Measures (TOMs): Measures pursuant to Art. 32 GDPR to ensure the protection of processed data — including, among others, encryption, firewalls, VPNs, access restrictions, role-based access control, and monitoring.

6. Changes and updates

We reserve the right to adjust this data protection statement so that it reflects the current legal requirements, technology, or changes in our services, e.g. with the introduction of new services. For your next visit, the most recent version of the privacy policy will apply. The current version can always be found on our website (e.g., at https://help.raylytic.com/ ).
