Privacy Policy

1 Introduction

HubNex ("we", "us", or "our") is committed to protecting the privacy of everyone who interacts with our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website hubnex.net and use the HubNex collaborative radiology platform.

HubNex is a technology platform — not a healthcare provider. We do not directly access, store, or process Protected Health Information (PHI) in the cloud. All imaging data remains under the control of participating healthcare institutions.

By using our website or services, you consent to the practices described in this policy. If you do not agree with the terms, please discontinue use of our services.

2 Data We Collect

Information You Provide

Contact information (name, email address, phone number) submitted via our contact form
Organization name and role when requesting a demo or pilot program
Communication records when you correspond with us via email

Information Collected Automatically

Browser type and version, operating system, and device information
IP address (anonymized where possible), referring URLs, and pages visited
Usage patterns including time spent on pages and interaction data
Cookie identifiers and similar tracking technologies (see Section 9)

Information We Do Not Collect

We do not collect, store, or process any medical imaging data, patient health records, or Protected Health Information (PHI) through our website. The HubNex platform architecture ensures all imaging data remains within the infrastructure controlled by participating healthcare institutions.

3 How We Use Your Data

We use the information we collect for the following purposes:

Service Communication: To respond to your inquiries, schedule demos, and provide support
Platform Improvement: To analyze usage patterns and improve our website experience
Marketing: To send relevant updates about HubNex (only with your explicit consent)
Legal Compliance: To fulfill our legal obligations and enforce our terms
Security: To detect and prevent fraud, abuse, and unauthorized access

We will never sell, rent, or trade your personal information to third parties for their marketing purposes.

4 Legal Basis for Processing (GDPR)

Under the EU General Data Protection Regulation (GDPR), we process your personal data based on the following lawful grounds:

Consent: When you submit a contact form or subscribe to communications
Legitimate Interest: For website analytics, security monitoring, and improving our services
Contractual Necessity: When processing is required to fulfill a service agreement
Legal Obligation: When we are required by law to process or retain data

5 Data Sharing & Third Parties

We may share your information only in the following limited circumstances:

Service Providers: Trusted partners who assist with hosting, analytics, and email delivery (e.g., Web3Forms for contact submissions), bound by data processing agreements
Legal Requirements: When required by law, regulation, court order, or governmental authority
Business Transfers: In connection with a merger, acquisition, or sale of assets (with prior notification)

All third-party service providers are contractually obligated to protect your data and may only use it for the purposes specified by us.

6 Data Security

We implement industry-standard security measures to protect your personal information:

TLS 1.3 encryption for all data in transit
Encrypted storage for data at rest
Regular security audits and vulnerability assessments
Role-based access controls limiting data access to authorized personnel
ISO 27001-aligned security practices

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7 Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

Contact form data: Retained for up to 24 months after last interaction
Website analytics data: Retained for up to 26 months (anonymized)
Communication records: Retained for the duration of the business relationship plus 12 months

When data is no longer needed, it will be securely deleted or anonymized.

8 Your Rights

Under GDPR and applicable data protection laws, you have the following rights:

Right of Access: Request a copy of the personal data we hold about you
Right to Rectification: Request correction of inaccurate or incomplete data
Right to Erasure: Request deletion of your personal data ("right to be forgotten")
Right to Restrict Processing: Request that we limit how we use your data
Right to Data Portability: Receive your data in a structured, machine-readable format
Right to Object: Object to processing based on legitimate interests or for marketing
Right to Withdraw Consent: Withdraw consent at any time without affecting prior processing

To exercise any of these rights, contact us at privacy@hubnex.net. We will respond within 30 days.

9 Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience:

Essential Cookies

Required for the website to function properly (e.g., session management, cookie consent preferences). These cannot be disabled.

Analytics Cookies

Help us understand how visitors interact with our website by collecting anonymous usage data. These are only set with your consent.

Managing Cookies

You can manage your cookie preferences at any time through the cookie banner or your browser settings. Disabling non-essential cookies will not affect the core functionality of our website.

10 International Data Transfers

HubNex is based in Belgium (European Union). If you access our website from outside the EU, your information may be transferred to and processed in EU member states where our servers are located.

For any transfers outside the European Economic Area (EEA), we ensure adequate data protection through Standard Contractual Clauses (SCCs) or adequacy decisions approved by the European Commission.

11 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of significant changes by posting the updated policy on this page and updating the "Last updated" date.

We encourage you to review this policy periodically to stay informed about how we are protecting your data.

12 Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us:

Email: privacy@hubnex.net
General Contact: contact@hubnex.net
Location: Gent, Belgium
Phone: (+32) 486 036 288

If you believe your data protection rights have been violated, you have the right to file a complaint with the Belgian Data Protection Authority (GBA/APD) or your local supervisory authority.