Privacy Policy

Summary of changes

08 Oct, 2018: Your rights have been updated.


my mhealth Limited ('We') are committed to protecting and respecting your privacy.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

We do not use or disclose your data except as described in this privacy policy.

Definitions

"System": means hardware and software made available as a service by my mhealth Limited, usually through a network connection. The system holds and operates your personal data.

"Cookie": a small piece of data that may be stored on your device when you use our system.

"IP address": a locally or globally unique address given to every device connected to a network.

"Data controller": a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.

"Data processor": means any person (other than an employee of the data controller) who processes the data on behalf of the data controller.

"Approved researchers": In the UK, this means NIHR approved or CRN research portfolio research.

Who controls and processes data on your behalf

For the purpose of the General Data Protection Regulation (the "GDPR"), depending on the contractual agreement under which you obtained access to the system, the data controller for your personal data will be either:

a) a healthcare organisation under whose care you were referred to or that you interact with.

b) The health systems manufacturer "my mhealth Limited" ("We"), a company registered in England with company registration number 07881370 and having its registered address at First and Second Floor, 8 Trinity, 161 Old Christchurch Road, Bournemouth, BH1 1JU, United Kingdom. We are registered as data controller at the Information Commissioner's Office under registration reference ZA151364.

If you obtained access to our system directly from us, then we are the data controller. If you obtained access to our system through other means under a contractual agreement between us and a customer of our company, then the agreement will specify who is the data controller. You can contact your healthcare provider to learn who is the data controller for your data.

If you engage with several healthcare providers that use our system and you allow them to access your account then more than one data controller may be operating at a given moment under different privacy policies. If this is case you may have received a Privacy Policy from the data controller to learn how your data is being used.

Data we may collect from you

We may collect and process the following data about you:

Any data that you input in the system, for example your personal details, your clinical history and contact details of the healthcare professionals that are responsible for your care.

Data collected from devices that you decide to use with our system, for example the data provided by sensors like location and acceleration, by applications like web browsers, your device's IP address and the time and duration of your activity.

Details of your activity using our system, for example the time spent in each resource and the resources that you access.

If you contact us, we may keep a record of that correspondence.

Where we store your personal data

All data that you provide to us or that your clinicians provide to us will be stored and operated in infrastructure that is subject to regular security testing and regular security monitoring.

The transmission of data from end point to end point shall be encrypted. We shall ensure we will use strict procedures and security features to try to prevent unauthorised access.

Uses made of the data

Our system is intended primarily for you to be able to self-manage independently. Our system can also help facilitate the care provided to you by healthcare professionals. If they have your permission, the data provided by you, and stored on the system, may be available to any of these healthcare professionals. For example, they may want to review your symptoms, progress through a course, or blood pressure over time to help inform them to make decisions about your care.

Subject to contractual agreements with our customers and subject to your permission, we may sometimes use data you provide with approved researchers for the purposes of your possible participation in clinical trials, if this is allowed by law and meets the strict rules that are in place to protect your privacy. You can at any time include or remove yourself from this register by editing your preferences in the system.

Additionally, we may use the data:

- to contact you to carry out our obligations arising from any contracts entered into between you and us.

- to notify you about changes to our service.

- to notify you about changes to this Privacy Policy.

Disclosure of your data

Subject to contractual agreements with our customers and subject to your permission, we may disclose your data:

- to healthcare professionals whose details you added to your account in the system.

- to our customers in a fully anonymised form (so it is impossible for anyone to identify you).

- to third parties to protect the security of the data or the personal safety and welfare of users of the system.

- to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation.

- to third parties in order to enforce or apply the terms of use applicable to the system or our terms of business or any other agreements with you; or to protect the rights, property, or safety of my mhealth Limited, our customers, or others.

Your rights

The GDPR gives you the right to access data held about you. Your right of access can be exercised in accordance with the GDPR. Any access request may be subject to a fee in accordance with the guidance provided by the GDPR.

Cookies

Our system uses cookies, which are small pieces of data stored in your device. These are necessary for us to improve your experience and to allow you to be logged in to our system.

By using this system you consent to all cookies in accordance with this privacy policy.

Changes to the privacy policy

Any changes we may make to this privacy policy in the future will be posted on our system and where appropriate will be notified to you either when you use it or by other means of communication that you provide in the system.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to info@mymhealth.com.