This Privacy Policy explains how participant data is collected, processed, stored, and protected within the EMA (Ecological Momentary Assessment) Research Platform. The policy is designed to ensure transparency in research data practices and to uphold participant privacy in accordance with institutional governance standards and applicable data protection regulations.

By accessing or participating in research activities conducted through this platform, you acknowledge the data practices described below.

1. Data We Collect

The platform may collect a range of data elements necessary to support approved research protocols and study operations. These may include:

• Participant-provided responses submitted through surveys or study prompts
• Timestamps associated with entries and activity completion
• Behavioral interaction metrics (e.g., response frequency, completion patterns)
• Survey instruments and structured questionnaire answers
• Device and technical metadata (such as browser type, operating system, or session logs)
• Study-related identifiers or pseudonymous participant codes assigned by the research team

The platform is designed to avoid unnecessary collection of directly identifiable personal information unless explicitly required and approved within the research protocol.

2. Purpose of Data Collection

All data is collected exclusively for legitimate research purposes. These purposes include:

• Study monitoring and protocol evaluation
• Outcome measurement and academic reporting
• Improvement of research methodologies and participant engagement strategies
• Under no circumstances will participant data be used for advertising, commercial profiling, marketing distribution, or resale to third parties. Data use is strictly confined to institutionally approved research activities.

3. Legal Basis & Consent

Participation in EMA studies hosted on this platform is voluntary and governed by informed consent procedures administered by the responsible research institution or study team. Data processing is conducted under one or more of the following lawful bases, as applicable:

• Documented participant consent
• Institutional research authorization
• Institutional Review Board (IRB) or Ethics Committee approval
• Compliance with applicable data protection regulations (e.g., GDPR, HIPAA, or local privacy laws)

Participants are provided with clear study information prior to enrollment, including data usage scope and withdrawal provisions.

4. Data Storage & Security

Participant data is stored within secure, access-controlled infrastructure designed to protect confidentiality, integrity, and availability.

Security safeguards include:

• Encrypted data transmission using industry-standard protocols
• Secure cloud or on-premise storage environments
• Role-based access controls (RBAC) restricting data visibility
• Authentication and authorization management
• Audit logging and system monitoring

These measures are implemented to prevent unauthorized access, disclosure, alteration, or misuse of research data.

5. Data Retention

Data will be retained only for the duration necessary to fulfill the objectives of the approved study protocol and to comply with institutional, regulatory, or funding-body requirements.

Upon completion of the retention period:

• Data may be anonymized or irreversibly de-identified for archival research use, or
• Securely deleted in accordance with institutional data destruction policies

Retention timelines vary by study and are defined within ethics approvals and governance frameworks.

6. Participant Rights

Subject to applicable regulations and research governance policies, participants may exercise certain data rights, including:

• Requesting access to their study data
• Requesting clarification regarding data use
• Withdrawing consent where operationally feasible
• Requesting correction or deletion, where permitted

Requests are reviewed in alignment with Institutional Review Board (IRB) guidelines, ethical approvals, and scientific integrity requirements, which may limit modification or deletion of already-analyzed datasets.

7. Contact Information

For questions regarding this Privacy Policy, data handling practices, or participant rights, please contact the responsible research institution or email: admin@myjomcare.com

This Privacy Policy may be updated periodically to reflect regulatory changes, institutional requirements, or technical platform enhancements. Continued use of the platform following policy updates constitutes acknowledgment of the revised terms.