In relation to the website: healthera.co.uk (“Site”) and Services: Healthera Mobile App
Owner: Healthera Ltd, a limited company registered in England and Wales with registration number 09609198 (“we/us”).
Customer services: firstname.lastname@example.org
Postal address: Healthera Ltd, St John’s Innovation Centre, Cowley Rd, Milton, Cambridge, UK CB4 0WS
Use of Your Data
We take data privacy very seriously. We have set out below the uses to which we will put the information that we have about you in the delivery of the Services, and the legal basis for this, as well as introducing the rights that you have over the way that we use your information.
For the purposes of the General Data Protection Regulation (GDPR) and any subsequent UK legislation covering data protection, we are the data controller (the entity which processes your data). All queries relating to this policy and/or data protection more generally should be referred to our Information Governance Lead.
The information we collect about you might include the following: -
- First name
- Last name
- Date of birth
- Email (for login)
- Phone number
- Geo-location data (your geographical location provided by your mobile phone operating system)
- NHS Number
- Preferred Pharmacy
- Registered GP practice
- Medication information:
- Medicine currently taking (either retrieved from a third-party system, self-input, or otherwise), including name, dosage, dosing schedule
- Your self-reported times and notes for when these medicines are taken
The Data will automatically be collected when you perform actions on our system such as creating an account and adding a medication. It will be kept private and not shared automatically, save that your healthcare provider (GP, pharmacy) may be invited to view this information.
The Data will be used for the following purposes:
- For pharmacies to identify and engage with you as part of our services including to send you notifications regarding your medication and the dispensing of medicines to you
- For your GP practices to identify you and issue prescriptions to you
- For us to provide you with support, answer individual queries to improve the service that we deliver to you including to match you with pharmacies upon your request
- For us to contact you via email newsletters or in-app broadcast on new features, updates, or usage instructions
- Given further consent, for us to conduct evaluations of the services we provide to you
The use of your information for the Purposes is lawful because one or more of the following applies:
- You have given consent to this. You may withdraw consent to these uses at any time by emailing us at email@example.com but this will not affect the lawfulness of processing of your Data prior to your consent being received and actioned
- It is necessary for us to hold and use your Data so that we can perform our obligations under the contract we have entered into with you for the Purpose(s)
Transfer to Third Parties
Your information will/may be passed to the following third parties:
- any pharmacy forming part of the Healthera network of pharmacies
- your registered GP practice
The data from any of the types above can aggregated (and anonymised). We may use this without restriction for research purposes (not limited).
Facebook SDK, Fabric SDK, and Firebase SDK may collect information about the use of the application, helping us measure usage and understand customer demographics.
The use of your information for these purposes is lawful because it is for one of the Uses.
We may also use the Information we gather to notify you about important functionality changes and alterations to the Site, Services, or offer of products, services or information that might be of particular interest to you (where you have consented to this). We may also share your personal information with our suppliers in order to facilitate transactions and delivery. We ensure that our suppliers protect your personal information as tightly as we do and that they provide an adequate level of protection for your rights as a data subject. This may involve transferring or selling your Information to other companies, inside or outside the EU.
Your information may also be transferred to another company in the event of the transfer of our assets to a third party. In that event, we will endeavour to ensure that your rights and freedoms in respect of the processing of your personal data are adequately and appropriately protected.
By submitting your Information and subscribing to the services available on our Site, you consent to such use and transfer.
Save as provided below, we will not sell, rent, distribute or disclose information about you as an individual or your personal usage of the Site (‘Information’) without your consent or unless required or permitted to do so by law. The Information we gather may include name, delivery address, email address, telephone number, and any personal preferences.
Storage of Data
Your information will normally be stored for 7 (seven) years in order to carry out the Purpose(s) unless if you request for us to remove your information by notifying firstname.lastname@example.org, in which case it will be removed within 3 business days, or if you request for us to store the information for any longer.
You have the right to request details of the processing activities that we carry out with your personal information through making a subject access request. Such requests have to be made in writing, and will be subject to a charge of £10. More detail about how to make a request and the procedure to be followed can be found on the ICO’s website here.
You also have the following rights:
- The right to request rectification of information that is inaccurate or out of date;
- The right to erasure of your information (known as the “right to be forgotten”);
- The right to object to the way in which we are dealing and using your information; and
- The right to request that your information be provided to you in a format that is secure and suitable for re-use (known as the right to portability).
All of these rights are subject to certain safeguards and exemptions, more details of which can be found on the ICO’s webpage. To exercise any of these rights, you should contact Information Governance Lead at the above address.
If you are not happy about the way in which we have processed or dealt with your information, you can complain to the Information Commissioner’s Office. More details about how to complain can be found here.
Security of Your Data
The Site is a UK-based website and we take reasonable care to comply with the requirements of the UK Data Protection Act 1998 (‘the Act’) relating to the personal information you supply on the Site. The Site uses a security system that protects your information from unauthorised use. However, as no data transmissions over the internet can be guaranteed to be one hundred percent secure, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk.
Updating your Information
If any of the information you provide when subscribing to the services on the Site changes, please update your profile by logging in or alternatively, please notify email@example.com.
Accessing your Information
We are data controllers for the purposes of the Act and if you wish to request access to your Information held by us, you may contact firstname.lastname@example.org.
If you subscribe to our mailing lists for news releases and other information, we may also ask you to answer various general questions about yourself. You will be asked to specify the areas in which you are interested so that we can tailor the information which we send to you to cover the new products and special offers which we believe you might be interested in.
If you subscribe to our newsletter and at any time you wish to stop receiving this or any other information you may have requested from us or any other company, please email or write to Customer Services or click the Unsubscribe link (if available) at the bottom of any communication you may receive from us.
Surveys and user groups
We always aim to improve the services we offer. As a result we occasionally canvass our customers using surveys. Participation in surveys is voluntary, and you are under no obligation to reply to any survey you might receive from us. Should you choose to do so, we will treat the information you provide with the same high standard of care as all other customer information.
‘Email a friend’
We may from time to time operate an ‘Email a friend’ service or ‘Share’ functionality. This is a referral service, designed to make it easy for customers to recommend our Site and related websites or offers to a friend, and is a two-step process. First, a customer sends us the friend's name and email address, and secondly, we contact the friend, telling them who we are, and inviting them to take advantage of a particular offer, or to visit the Site. When we contact your friend, we always advise them of the name and email address of the friend who made the original referral. We will not use your friend’s details for any other purpose.
Links to third parties’ sites
Traffic Patterns/Site Statistics
We may monitor customer traffic patterns, Site usage and related Site information in order to optimise your use of the Site and we may give aggregated statistics to a reputable third-party, but these statistics will include no information personally identifying you.
Transfer to third parties
The list below explains the cookies we use and why:
- t&c cookie - for us to store the time when a user has accepted the terms and conditions of Healthera.
- _ga cookie – Google Analytics for helping us target customers and conduct marketing.
If you do not wish to receive cookies from us or any other website, you can turn cookies off on your web browser: please follow your browser provider’s instructions in order to do so. Unfortunately, we cannot accept liability for any malfunctioning of your PC or its installed web browser as a result of any attempt to turn off cookies.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org, www.allaboutcookies.org or www.civicuk.com/cookie-control/browser-settings.