- Original Poster
- #1
Right. So, we're trying to wrap our heads around if we need an explicit consent from our users due to the fact that we process health data. I've been trying to find if our data really is considered health data or not - this obviously makes a huge difference in terms of how we inform our customers about the data we process - since, as far as I understand GDPR is very clear that an explicit consent is needed if we process health data whereas if it's just "personal data" it ought to be enough to notify users about our updated privacy policy/terms and be clear with what kind of data we have, and why and so forth.
So, let me be a bit specific here. We make a sleep tracker application and the data we process is the time the person go to bed, when they wake up and "how well they slept" (which is, of course subjective).
Does this go into the category "health data" or would you just consider this being personal data?
Vol
So, let me be a bit specific here. We make a sleep tracker application and the data we process is the time the person go to bed, when they wake up and "how well they slept" (which is, of course subjective).
Does this go into the category "health data" or would you just consider this being personal data?
Vol
