HealthReact logo
HealthReact← Back to home

HealthReact Privacy Policy

Effective: March 24, 2026

This Privacy Policy describes how personal data are collected, used, and protected when you use the HealthReact mobile application (the "Application").

The Application is designed to support research studies by enabling users to complete questionnaires and, where applicable, provide location data during use.

The HealthReact Application is part of the HealthReact ecosystem and may operate together with other components, such as wearable data collection applications.

Provider Information

The Application is provided by:

University of Hradec Kralove
Rokitanskeho 62
500 03 Hradec Kralove
Czechia
("We", "Us", or "Provider")

Contact: info@healthreact.eu

Role in Data Processing

The HealthReact Application is a tool used in research studies.

In most cases, the research institution conducting the study acts as the Data Controller, and the Provider of the Application acts as a Data Processor processing data on behalf of that institution.

This Privacy Policy describes how the Application handles data. Additional information about specific studies may be provided separately by the research institution.

Data We Collect

Pseudonymous Identifiers

Data processed by the Application are typically associated with a pseudonymous study identifier rather than directly identifiable personal information. The mapping between the identifier and the individual participant is usually maintained by the research institution.

Questionnaire Responses

The Application may collect answers submitted by users within the Application.

Location Data (GPS)

The Application may collect location data only when the Application is actively used and only if the user has granted the necessary permissions on the device.

Technical and Usage Data

The Application may collect technical and usage data automatically when used.

  • device type and operating system,
  • application usage logs,
  • timestamps of interactions,
  • application version and system logs necessary for debugging and maintenance,
  • diagnostic information, such as crashes and performance data.

How Data Are Collected

Data are collected:

  • when users actively interact with the Application, for example by completing questionnaires,
  • from device sensors, such as location services if enabled,
  • automatically through technical logging required for system operation.

Purpose of Processing

Personal data may be processed for the following purposes:

  • to enable participation in research studies,
  • to collect questionnaire responses,
  • to support research-related analysis and evaluation,
  • to enable study-related interventions or notifications,
  • to ensure proper functioning, security, and stability of the Application.

The Application does not use personal data for advertising or marketing purposes.

Legal Basis for Processing

Processing is based on:

  • consent, where required, for example for participation in a study,
  • scientific research purposes in accordance with applicable data protection regulations, where permitted,
  • legitimate interests in ensuring the secure and reliable operation of the Application.

The applicable legal basis may be further specified by the research institution conducting the study.

Data Sharing

Personal data may be shared with:

  • the research institution conducting the study, acting as the Data Controller,
  • service providers supporting the operation of the Application, such as hosting or technical infrastructure providers, under appropriate contractual safeguards.

Data are not shared for advertising or marketing purposes.

Data Retention

Personal data are retained for the duration of the research study and as required by applicable legal and research obligations.

Retention periods are typically defined by the research institution conducting the study.

After the retention period, data may be deleted or anonymized, depending on the requirements of the study.

International Transfers

Data may be processed on servers located within the European Union or, where applicable, in other jurisdictions.

Where data are transferred outside the European Economic Area, appropriate safeguards are implemented in accordance with applicable data protection laws.

Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or misuse.

This includes encrypted data transmission (e.g., HTTPS/TLS), secure storage, and controlled access to data.

However, no method of transmission over the Internet or method of electronic storage is completely secure.

Children

Where studies involve minors, data processing is subject to additional safeguards and consent requirements defined by the research institution.

Your Rights

Depending on applicable law, you may have the right to:

  • access your personal data,
  • request correction of inaccurate data,
  • request deletion of your data,
  • restrict or object to processing,
  • request data portability.

Requests should primarily be directed to the research institution conducting the study. You may also contact us using the details below.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be made available within the Application or through other appropriate means.

Contact Us

If you have any questions about this Privacy Policy, you can contact us at info@healthreact.eu.