Curewiki logo
LoginSign up

B2B Privacy Notice.

Last updated April 22, 2026

This website is operated by Curewiki SRL, a company incorporated and registered in Belgium with company number 0786.411.860 whose registered office is at Cantersteen 12, 1000 Brussels, Belgium.

In so far as we process your Personal Data, Curewiki acts as the Data Controller. You can contact us via email: privacy@curewiki.health for any question regarding your privacy.

The protection of your Personal Data is of importance for Curewiki and we treat your privacy with utmost care.

We have established this Privacy Notice to explain to you how Curewiki treats your Personal Data. The Privacy Notice applies to the Personal Data that you provide and that we Process about you as a natural person when you visit our website.

Curewiki SRL as the Controller, hereinafter as "Curewiki"; "we" or "us", of the personal data, has committed to comply with:

  • The General Data Protection Regulation N°EU 2016/679 (hereinafter, the "GDPR")
  • And all EU applicable laws and regulations regarding data protection.

Collectively referred as "Data Protection Laws".

With this Privacy Notice, Curewiki wants to make sure that you understand what personal information is collected about you, how your personal information is used and how it is kept safe.

Essential definitions

For the purposes of this Privacy Policy, “personal data” means any information through which a natural person is identifiable or may be identified. Curewiki collects, uses and processes your Personal Data in order to provide you with services, products or information that you request.

For example: a last name, a first name, an email address.

“Processing of personal data” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means.

For example: collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Data Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

In this context, Curewiki acts as the Data Controller.

“Processor” means the natural or legal person, public authority, agency or other body which processes personal data on behalf of the Data Controller.

“Pseudonymisation” means the Processing of Personal Data in such a manner that the Personal Data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the Personal Data are not attributed to an identified or identifiable natural person.

Which Personal Data do we collect when you visit our website?

We Process the Personal Data that you provide to us when you interact with us via this website by signing up (i.e. registering for the CureWiki Health platform application (the "App")) or, when signed in, interacting with the App. These Personal Data are:

a. Identification data

  • Business contact identification data of yourself: (name, first name, e-mail address, telephone number).
  • Any other information that you voluntarily give us as part of a Contribution (see Terms of Use). Please be aware that, to the extent this information contains Personal Data of others (relatives, your doctor), you should only share it with us if you have that person's informed consent.

In the event that non-personal data is combined with personal data in such a way that it is possible to identify the persons concerned, we will treat this data as personal data until it is impossible to link it to a specific person.

c. Cookies and other tracking data

Like almost every website, our website also uses cookies. Some of these are necessary to make your website visit possible, other allow us to optimize your browsing experience or the way we interact with you. Find out more about our cookies in our cookie policy.

How do we collect your Personal Data?

We collect your personal data when you register as a B2B user of the App, or whenever you visit the App or when you invite users via the "Admin users" area.

Consequences of non-providing such data

The provision of certain personal data referred to above is necessary in order to access certain services offered by Curewiki, in particular to access the App.

Where the data subject does not provide the personal data requested by Curewiki, the data subject may be unable to visit the App.

Why do we collect your Personal Data?

We Process your Personal Data only for the following purposes, based on the following legal basis:

Legal BasisPurpose
Article 6(1)(a) of the GDPR: the data subject has given consent to the processing of his or her personal data for one or more specific purposes.
  • Counting visits and traffic sources to improve the performance of the website (Analytical cookies);
  • Showing advertisements and promotions on the website (Marketing cookies).
Article 6(1)(b) of the GDPR: the processing is necessary for the execution of a contract between the data controller and the data subject.
  • To provide you with login credentials for access to the App;
  • To process your Contributions (see Terms of Use).
Article 6(1)(f) of the GDPR: the processing is necessary for the purposes of the legitimate interests pursued by Curewiki.
  • To contact you in the context of the provision of the App Services;
  • Answering message from the website contact form;
  • Functioning and managing the website and carry out essential services for the users (Essential cookies);
  • Handling questions from yourself and authorities and managing claims.

With whom do we share your Personal Data?

a. Communication to internal recipients

We only give access to your personal data to internal persons at Curewiki whose function requires it and who are bound by confidentiality obligations. Access to your data is strictly limited to them. We regularly check these accesses and secure the information provided, as far as possible.

b. Communication to other third parties - service providers, government authorities

Curewiki will provide access to or share Personal Data on an as-needed basis with other third parties, i.e.:

  • trusted service providers
  • consultants and contractors who are granted access to Curewiki’s facilities and systems or which provide services to Curewiki
  • government agencies or authorities, competent courts and others as required by law or if it is necessary to fulfill your request.

Third-party service providers include IT services and website hosting companies, (internet) connectivity providers, providers of data analytics (Google) and tracking services, providers of press release and newsletter distribution networks, as well as service providers that provide technical and administrative support for the Website and underlying IT systems.

These service providers provide their services from locations within and outside of the European Economic Area ("EEA"), including the USA. Curewiki will only share your Personal Data with third parties whom Curewiki has contractually restricted from using or disclosing the Personal Data except as necessary to perform services on our behalf or to comply with legal requirements.

By virtue of the laws that apply to them and their public duties, certain EU or Member State authorities and/or institutions may require Curewiki to provide them with some of your personal data. When such a case arises, it is therefore possible that Curewiki may be obliged to pass on your personal data to these "third party authorities" without asking for your prior consent. On the other hand, Curewiki commits itself to transmit to them only the data that these authorities/institutions strictly need for the exercise of their missions, and this by application of the principle of minimisation.

What if your Personal Data is transferred outside the European Economic Area (EEA)?

Curewiki may need to transfer your data to countries outside the EEA, where privacy protection is less developed, including the USA.

Curewiki relies on available legal mechanisms to enable the legal transfer of Personal Data across borders. To the extent that Curewiki relies on the Standard Contractual Clauses (also called the Model Clauses), to authorize the transfer of Personal Data, Curewiki will comply with those requirements, including where there may be a conflict between those requirements and this Privacy Notice.

In the absence of the aforementioned appropriate safeguards, Curewiki may where permitted by applicable data protection laws (including the GDPR) rely on a derogation applicable to the specific situation at hand (e.g. the data subjects’ explicit consent, the necessity for the performance of an agreement, the necessity for the defense of legal claims).

How do we secure your Personal Data?

We use reasonable and appropriate technological and operational security measures to keep your Personal Data protected against any unauthorized access or unlawful use. Such measures include:

  • Ensuring the physical and digital security of our equipment and devices by using appropriate password protection and encryption where necessary;
  • Ensuring the physical security of our offices and other sites;
  • Maintaining a data protection policy for, and delivering data protection training to, our employees;
  • as needed, execute data transfer or processing agreements with third parties;
  • as needed, perform data privacy impact assessments; and
  • Limiting access to your Personal Data to those at Curewiki who need to use it in the course of their work.

However, due to the nature of internet communications, we cannot guarantee or warrant that the transmission of your Personal Data to us is secure.

For how long do we keep your Personal Data?

In accordance with the principle of limited retention, the period of retention of data will be strictly for the period necessary for the fulfilment of the purposes for which the processing is justified, not beyond. Under no circumstances will your data be kept for an unlimited period.

Active database archivingArchiving in an intermediate databaseJustification
Practitioner's profile data
For the duration of the user’s active profile.10 years from the closure of the user account.In accordance with the applicable statutory limitation period (Article 2262bis of the former Belgian Civil Code)
Contact request data
For the time required to process the request.5 years from the closure of the request.In accordance with the applicable statutory limitation period (Article 2262bis of the former Belgian Civil Code)

Unless otherwise agreed or required by Law, we keep all data for as long as we have a services relationship with you based on an active registration on our website.

When data is no longer required for the purposes for which it was processed or if you withdraw your consent and no other legal basis can be proven, the data must be destroyed so that it is impossible for anyone to trace your identity.

What rights can you exercise?

As a data subject with respect to the processing of your personal data, you have a number of rights regarding access to and control over your personal data, including:

  • Right of access: By exercising this right, you can obtain, upon request and free of charge, a copy (including in electronic format) of your personal data. You may also request access to a range of information, including the purposes of processing, the recipients, and so on. Should you request additional copies, we may charge a reasonable fee based on administrative costs.
  • Right to rectification: By exercising this right, you can correct, complete, or delete your personal data that is inaccurate, incomplete, or irrelevant. Where your data has been made accessible to other entities, we are obliged to take all necessary measures to inform those entities of your rectification request.
  • Right to erasure ("right to be forgotten"): Subject to certain exceptions, you have the right to request the deletion of your personal data. Where your data has been made accessible to other entities, we are obliged to take all necessary measures to inform those entities of your erasure request.
  • Right to restriction of processing: In certain circumstances, you have the right to obtain the restriction of processing of your personal data. Where your data has been made accessible to other entities, we are obliged to take all necessary measures to inform those entities of your request to restrict processing.
  • Right to data portability: In certain circumstances, you may request to receive your personal data free of charge in a structured, commonly used, and machine-readable format, in particular for transmitting it to another data controller.
  • Right to object: Where the processing of your data is based on our legitimate interest, you may object at any time to the use of your data for this purpose, unless we demonstrate compelling legitimate grounds that override your rights and interests.
  • Right to withdraw consent: You may withdraw your consent at any time where consent is the legal basis for the processing of your personal data.

To exercise these rights, or for any questions or complaints regarding this Privacy Policy, please submit a written request, dated and signed at privacy@curewiki.health or by post to:

CUREWIKI SRL

Data Protection Officer

Cantersteen 12

1000 Brussels

Belgium

Your request must specify the right(s) you wish to exercise. We may ask you to provide proof of identity for security reasons to prevent unauthorized disclosure or misuse of your personal data.

We will respond within one (1) month of receiving your request. This period may be extended by two (2) months, taking into account the complexity or number of requests. In such cases, the extension will only apply if you have been informed, and the reasons for the delay have been communicated to you.

If we decide not to act on your request, we will inform you of the reasons for our refusal or inaction.

Third party applications and websites

This Website contains links to other websites operated by third parties, including but not limited to certain social media sites such as Facebook, Twitter, Linkedin, YouTube, etc. This Notice does not apply to any website, other than this one. Third party websites are governed by their own terms and conditions. You should therefore always carefully check the privacy and cookie policies of third party websites before accepting to be redirected to them. Please be aware that such third party websites may be hosted outside the EEA in countries that do not have the same protection of your privacy as an EEA country.

We also display social media buttons on our Website. When you click on any of those buttons, your personal data may be transferred to these companies and they may also set cookies or other tracking technologies on your browser. The privacy policies and terms of use of each of those companies govern the collection and use of your personal data when you click on their buttons on our Website.

Prior to installing third party cookies or enabling you to click through to a third party website, we will have requested your consent to do so. Where consent was not given, the cookies will not be installed and the click through to third party websites will only occur after a pop-up notifying you that you are leaving the Curewiki space and requesting whether you wish to continue.

Notice for parents, guardians and children

Our website is intended for visitors who are at least 18 years of age, or the age of majority in their jurisdiction of residence. Curewiki does not knowingly solicit information from or market products or services to children. If you do not meet the age requirements set out above, please do not enter your Personal Data on this website.

How may Curewiki change this Privacy Notice?

As Curewiki expands and improves its website, or as legal requirements change, we may need to update this Privacy Notice. This Privacy Notice may be modified from time to time without prior notice. We encourage you to review this Privacy Notice on a regular basis for any changes. The date of the latest version will be identified at the bottom of the Privacy Notice.

Do you have any questions?

If you have any questions about this Privacy Notice or data protection at Curewiki, you can contact our Data Protection Officer either by mail:

Data Protection Officer

Cantersteen 12, 1000 Brussels, Belgium

or by e-mail at privacy@curewiki.health

You also have the right to lodge a complaint with the supervisory authority in the European member state of your habitual residence, your place of work or the alleged infringement of applicable data protection legislation:

In Belgium, the Supervisory Authority is:

Belgian Data Protection Authority

Rue de la Presse 35 / Drukpersstraat 35 1000 Bruxelles / 1000 Brussel

Tel. +32 2 274 48 00

Fax +32 2 274 48 35

contact@apd-gba.be

www.dataprotectionauthority.be