1 Definitions

“RADAR-base” is the software produced by the RADAR-base project.

“THE DEVELOPERS” are all contributors to the RADAR-base aRMT app and RADAR-base open source project (inclusive of, but not limited to members of King’s College London Precision Health Informatics Data Lab and The Hyve).

“DEPLOYMENT” is an instance of the RADAR-base software https://radar-base.org. Not inclusive of any extensions or 3rd Party integrations.

“THE APP” refers to the RADAR-base Active (aRMT) Mobile App. Published on Google Play and Apple App Stores.

• https://play.google.com/store/apps/details?id=org.phidatalab.radar_armt

• https://apps.apple.com/gb/app/radar-active-rmt/id1483953055

“INSTRUMENT” is a data collection mechanism in THE APP (e.g. a questionnaire, audio sample, digital test).

“DEPLOYMENT OWNER” is an owner of the DEPLOYMENT or derivatives (servers and backend software and any apps), these will depend on the owner of the backend infrastructure THE APP connects to and where data collected is stored.

“PROJECT” refers to one RADAR-base data collection project or study on a DEPLOYMENT owned by the DEPLOYMENT OWNER. This for example might be one of several research projects within one DEPLOYMENT.

“PROJECT OWNER” is the owner of a data collection PROJECT.

“PERMITTED USER” shall mean end-users of THE APP who have been assigned credentials to use THE APP AND DEPLOYMENT by the DEPLOYMENT OWNER and PROJECT OWNER to submit data.

“SERVICE” refers to the use of RADAR-base as a DEPLOYMENT together with THE APP by one or more PROJECT OWNER(S) and DEPLOYMENT OWNER.

2 Disclaimer

2.1 Software

THE DEVELOPERS built THE APP and RADAR-base as free software. This software is provided by THE DEVELOPERS at no cost and is intended for use as is. THE DEVELOPERS of THE APP do not provide any warranties, or guarantees of service uptime, or accept any liability for use of RADAR-base software.

RADAR-base IS PROVIDED AS IS. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL OR EQUITABLE THEORY, WHETHER IN TORT, CONTRACT, STRICT LIABILITY OR OTHERWISE, SHALL THE DEVELOPERS OR ANY OF ITS EMPLOYEES, DIRECTORS, OFFICERS, AGENTS, VENDORS OR SUPPLIERS BE LIABLE TO YOU OR TO ANY OTHER PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL LOSSES OR DAMAGES OF ANY NATURE ARISING OUT OF OR IN CONNECTION WITH THE USE OF OR INABILITY TO USE THE APP and RADAR-base, INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, LOSS OF DATA, WORK STOPPAGE, ACCURACY OF RESULTS, OR COMPUTER FAILURE OR MALFUNCTION, EVEN IF AN AUTHORIZED REPRESENTATIVE OF THE DEVELOPERS HAS BEEN ADVISED OF OR SHOULD HAVE KNOWN OF THE POSSIBILITY OF SUCH DAMAGES.

3 Information Collection

The APP is designed for user-defined data collection, this is to say INSTRUMENTS are specified and approved by the PROJECT OWNER and DEPLOYMENT OWNER. This section describes the data collection capabilities of THE APP as pertains to the RADAR-base software. If you choose to use THE APP then you agree to the collection and use of information in relation to this policy.

Besides data collection as part of a PROJECT, THE APP will only collect data described in sections “Log Data” and “Analytics” (see Section Performance Log Data and Analytics), this information is made available to THE DEVELOPERS for improving performance.

This policy is separate from any agreement, consent or contract between the PERMITTED USER, the PROJECT OWNER(s) and the DEPLOYMENT OWNER.

3.1 Data Collection

THE APP may only be used by PERMITTED USER(S), as defined herein as permitted to access and submit data to THE DEPLOYMENT by the PROJECT OWNER and/or the DEPLOYMENT OWNER under the terms of any separate consent, contracts or other agreement. PERMITTED USER(S), by downloading and/or using THE APP hereby agree to the following terms and conditions in addition to the Licensed Application End User License Agreement supplied by Apple and Google, Inc. Questions regarding PERMITTED USER(s) data collection should be directed to your PROJECT OWNER and local DEPLOYMENT OWNER.

A specific PROJECT running on a DEPLOYMENT (of which there may be multiple deployments, with multiple projects) may use THE APP to create and deploy INSTRUMENT(s) questionnaires, audio tests, or other digital assays, to collect data from contributing participants (i.e. a PERMITTED USER) into a DEPLOYMENT e.g. for a scientific research study or clinical trial. The contents of these data collection INSTRUMENT(s) e.g. questionnaires are determined not by the DEVELOPERS, but by the research PROJECT OWNER and/or the DEPLOYMENT OWNER. Any information collected and shared with a PROJECT OWNER and/or the DEPLOYMENT OWNER and/or 3rd Party is explicitly by agreement between the PROJECT OWNER and/or the DEPLOYMENT OWNER and the PERMITTED USER, normally but not exclusively, through a separate (paper or electronic consent document). By using RADAR-base the PROJECT OWNER and/or the DEPLOYMENT OWNER accept all responsibility and liabilities for data collection, storage, sharing and use of RADAR-base. THE DEVELOPERS accept no responsibility for the use of RADAR-base, agreements, contracts or consent, or data collected by the PROJECT OWNER and/or the DEPLOYMENT OWNER or any associated 3rd Party.

INSTRUMENT(s): Current optional data collection capabilities provided to PROJECT OWNERS by THE APP include the following categories (though additional modes may be added in the future):

• Questionnaires

• Speech Audio

• Digital Assays

Depending on the PROJECT OWNER and DEPLOYMENT OWNER, the INSTRUMENTS used in the PROJECT may be designed to collect personally identifiable information or personal health information, e.g. a questionnaire included a field for an address or name.

3.2 Data Deletion

Agreements to share data are made between the PERMITTED USER and PROJECT OWNER and/or DEPLOYMENT OWNER and therefore requests to delete data are based on the particular details set out in consent documents, contracts or agreements separately agreed. RADAR-base and the DEVELOPERS have no part, access to, or ability to act in this capacity or to delete PROJECT data. Requests to delete data should be made by the PROJECT OWNER and carried out by the DEPLOYMENT OWNER.

3.3 Performance Log Data and Analytics

3.3.1 Service Providers

The app does use third-party services that may collect information used to identify you.

Links to privacy policies of third-party service providers used by the app

• Google Play Services https://www.google.com/policies/privacy/

• Firebase

  • https://firebase.google.com/support/privacy

  • https://support.google.com/firebase/answer/6318039

• Apple App Store privacy policy:

  • https://www.apple.com/legal/privacy/data/en/app-store/

  • https://www.apple.com/legal/privacy/data/en/app-analytics/.

3.3.2 Log Data

We THE DEVELOPERS want to inform you that whenever you use THE APP, in case of an error in the app we collect data and information (through third-party products see Service Providers) on your phone called Log Data by these services. This Log Data may include information such as your device name, device id, operating system version, the configuration of the app, the time and date of your use of THE APP; and other statistics which Google may add to from time to time.

The Personal Information that we collect is used for providing and improving RADAR-base software and service. We will not use or share your information with anyone.

3.3.3 Analytics

The app employs Google Firebase for app event data collection, messaging, remote configuration, and others. We use the event data collected to get a better sense of how users interact with the app and help us understand the causes of any issues that may arise. We use the messaging and remote configuration services to support app features.

Firebase Analytics: Firebase Analytics is used to provide insight into app usage and user engagement.

Firebase Remote Config: Firebase Remote Config is used to set configurations and update the app behaviour without requiring an app update. The service uses Instance IDs to determine user-specific configurations.

Firebase Cloud Messaging: Firebase cloud messaging is used to send push messages (for example notifications) to the app. These can be enabled or disabled by the PERMITTED USER at any time in the phone settings. The service uses Instance IDs to determine which devices to deliver messages to.

Firebase Crashlytics: a crash reporting solution for developers of mobile applications, including analyzing crash reports to provide information about how and under what circumstances such applications crashed.

4 General Data Protection Regulation (GDPR)

4.1 Security

We value your trust in providing us with data listed in Section 3.3 Performance Log Data and Analytics, thus we strive to use commercially acceptable means of protecting. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.

4.2 Links to Other Sites

The RADAR-base app only presently links to the https://radar-base.org site. This Service may contain links to other sites if included by the PROJECT OWNER and/or DEPLOYMENT OWNER (for example in a questionnaire or information field). If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

4.3 Children’s Privacy

This app is not targeted at persons under 13. These SERVICE does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers (however, deletion of data collected into THE DEPLOYMENT will still need to follow the deletion policy under the control of the DEPLOYMENT OWNER see 3.2 Data Deletion). If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to carry out the necessary actions.

4.4 Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately after they are posted on this page.

5. Contact Us

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us. Contact email: radar-base@kcl.ac.uk