General Terms of Use (GTU) of the VisioWin® Software

1.Purpose

The purpose of these General Terms of Use (GTU) is to define the terms of use of the VisioWin® software (hereinafter referred to as “the software”) intended for healthcare professionals for the screening of visual disorders. The use of the software implies the unconditional acceptance of these GTU by the user.

2.Definitions

Data Controller: A legal (such as a joint company) or natural person who determines the purposes and means of processing, that is, the objective and the way to achieve it. In this case, the data controller is the legal entity using the software.

Personal Data: Any information that identifies or makes a person identifiable.

Health Data: A particular type of personal data related to a person’s health.

EMR (Electronic Medical Record) Software: An application that enables healthcare professionals to manage and access patient records in digital form, facilitating the documentation, monitoring, and secure sharing of health data.

Processor: A natural or legal person (company or public body) that processes data on behalf of another organization (the data controller) as part of a service or provision. In this case, the processor is FIM Medical.

User: The user is the data controller (the legal entity using the software).

3.Use of the Software

The software is intended to be used by healthcare professionals for the screening of visual disorders. It collects and analyzes data related to the exploration of patients’ visual functions. The purpose of using this data is at the exclusive discretion of the data controller.

4.Collection and Use of Personal Data

In accordance with Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (GDPR), and Law No. 78-17 of 6 January 1978 on data processing, files, and freedoms, as amended (Data Protection Act), the software may collect and store personal data relating to patients, such as identification information, health data, and screening results. This data is stored in a local database under the responsibility of the user in compliance with the aforementioned regulations.

5.User Responsibility

The user is fully responsible for the security and confidentiality of the data stored in the local database. The user commits to taking all necessary measures to protect personal data from unauthorized access, alteration, disclosure, or destruction.

Furthermore, the user is responsible for managing the software access credentials. This includes creating, maintaining, and protecting these credentials to prevent unauthorized access to the software. The user is responsible for ensuring that these credentials are not shared or disclosed to unauthorized third parties.

The data controller must ensure compliance with local recommendations regarding password length and complexity.

6.Use from Third-party Software (EMR)

If the software is interoperable with third-party software such as EMR (Electronic Medical Record) or an electronic patient record system (DPI), the security and confidentiality of data exchanges between the software and the third-party software are the exclusive responsibility of the data controller. The latter must ensure that the third-party software complies with all applicable legal and regulatory obligations, including those related to the protection of personal data.

The software allows data to be exported in formats whose security level is left to the discretion of the data controller. The controller is fully responsible for the security of exported data in terms of availability, integrity, or confidentiality.

The data controller must ensure the proper integration of data imported by third-party software.

7.Patient Information

In accordance with GDPR requirements, the user must inform patients clearly and precisely about the collection and use of their personal data. This information must include, but is not limited to:

  • The identity and contact details of the user (healthcare professional) as the data controller.
  • The purposes for which the data is collected and processed.
  • The legal basis for data processing.
  • The recipients or categories of recipients of the personal data.
  • The data retention period.
  • Patients’ rights regarding their personal data (access, rectification, deletion, restriction of processing, objection to processing, data portability).
  • Patients’ right to lodge a complaint with a supervisory authority.

Information templates for medical record management can be proposed by the local data protection authority.

8.Data Security

The user commits to implementing appropriate technical and organizational measures to ensure a security level adapted to the risk, particularly in case of accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal data transmitted, stored, or otherwise processed.

FIM Medical cannot be held responsible for any breach of availability, integrity, or confidentiality of the data collected and stored by the software.

9.Intellectual Property

The software and all its components, including but not limited to the content, text, graphics, user interfaces, visual interfaces, photographs, trademarks, logos, sounds, music, illustrations, and computer code (collectively referred to as “Content”) are the property of FIM Medical or its licensors and are protected by intellectual property laws, including copyright and trademark laws.

The right to use the software is personal, non-exclusive, non-transferable, and should be limited to internal professional needs in accordance with these GTU. The user is prohibited from reproducing, copying, modifying, creating derivative works, distributing, publicly displaying, republishing, downloading, storing, transmitting, selling, or reselling any part of the software or the Content without prior written authorization from FIM Medical.

Any unauthorized use of the software or the Content in violation of these GTU may constitute an infringement of intellectual property rights and result in legal action.

10.  Modifications to the GTU

FIM Medical may modify these GTU at any time to reflect technical or regulatory developments or for any other reason deemed necessary. These modifications will take effect upon their publication on the website or integration into the software.

It is the responsibility of the data controller to regularly consult the GTU to be aware of any changes. Use of the software after the update of the GTU implies approval of the new terms without requiring individual notification.

11.  Legal Information about the Publisher

The software is published by FIM Medical SAS with a share capital of 166,000 euros, registered in the Lyon Trade and Companies Register under number 391 853 090 00044.

For any questions or assistance regarding the software or these GTU, please contact FIM Medical at the following contact details:

12.  Technical Assistance

System and hardware data, including the username, are recorded in the internal memory of the Visiolite® device. The user can view and send this data by email from the help page of the software.

13.  Applicable Law and Jurisdiction

These GTU are subject to French law.

In the event of a dispute regarding the interpretation or execution of these GTU, the parties agree to seek an amicable solution before resorting to legal action. Failing that, the dispute will be subject to the exclusive jurisdiction of the Commercial Court of Lyon.