Introduction
This is the privacy policy of Square Health Limited relating to the processing by Us of personal data that We collect through Your use of Our website. Under Data Protection Law We have a legal duty to protect any information We collect from You and We are committed to protecting and respecting Your privacy. We use leading technologies and encryption software to safeguard personal data, and keep strict security standards to prevent any unauthorised access to it.
Questions, comments and requests regarding Our privacy policy are welcomed and should be addressed to our Data Protection Officer at Square Health Limited, Crown House, William Street, Windsor SL4 1AT OR by email to data.protection@squarehealth.com.
By using providing information via Our website, You accept and agree to Our privacy policy and practices as described below.
In this policy:
- Square Health refers to Square Health Limited, company number 7054181 of Crown House, William Street, Windsor SL4 1AT, and We, Us, Our, Ours and Ourselves also refer to Square Health
- You, Your, Yours and Yourself refer to you
- Data Protection Law refers to the DPA, the GDPR and all other laws and regulations relating to the collection and processing of personal data
- DPA refers to the Data Protection Act 1998
- GDPR refers to the General Data Protection Regulation (EU regulation 2016/679)
- personal data refers to personal data as defined in the GDPR (including, if relevant, health data or any other sensitive or special category personal data as defined in the DPA or GDPR).
For the purposes of Data Protection Law, We are the data controller for personal data which are provided via Our website.
Information We may collect and process about You
Information You give to Us and which We collect about You
You may give Us personal data by entering information via Our website. The information we collect will typically include:
- Your name
- Address
- Email, telephone and other contact details
- Date of birth
- Information about your work/education and lifestyle.
We do not normally ask for or collect health or medical information or any other “sensitive” or “special category” data. (If We need to collect or process sensitive or special category data of this kind We will not process it without Your consent.)
Information about you which is automatically collected by use of Our website
Each time you use Our website we may automatically collect the following information:
- technical information, including the internet protocol (IP) address used to connect your device to the internet, your login information, browser type and version, time zone setting, operating system and platform, and your location;
- information about Your visit, including the date, time and length of Your visit, pages or service elements You viewed or used; response times, download errors, interaction information (such as scrolling and clicks), and any phone or other methods used to contact Us.
Cookies
Our cookie policy may be viewed here http://www.squarehealth.com/cookies
Much of the information which we may collect through the use of cookies is non-personal data for the purposes of Data Protection Law but We treat Internet Protocol (IP) addresses and similar identifiers as personal data. Where non-personal data is combined with personal data, We also treat the combined information as personal data for the purposes of this Privacy Policy.
Uses made of information
We use information that You provide or that We collect about You for the following purposes:
- to provide information that You request about Our services or those of any affiliated company;
- to provide any services or any other products or services that You request from Us and that We agree to provide;
- to allow You to participate in interactive features of Our website or any Square Health service when You choose to do so;
- to process any application by You for employment or to provide services to Us;
- to make disclosures required by law or regulation;
- to assist in the detection of fraud.
We may also use information about You (subject to anonymising Your data):
- for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve Our products and services;
- as part of our efforts to keep Our website and services safe and secure;
- to measure or understand the effectiveness of Our services to You and others.
Disclosure of Your information
Disclosure of information to affiliated companies
We may share personal data relating to You, including any health or medical information or other sensitive personal data that You have agreed We may use, with any affiliated company which processes personal data on Our behalf. Our affiliated companies are Docslot Limited, Square Health Group Limited, Bodycare Limited and Doctors Chambers (UK) Limited and any of their respective holding companies and any subsidiaries of any of those holding companies, as well as our ultimate holding company and its subsidiaries. Holding company and subsidiary are defined in section 1159 of the UK Companies Act 2006.
Disclosure of information to other third parties
We may share personal data (but not sensitive personal data) with selected third parties including:
- (subject to anonymising Your personal data) advertisers and advertising networks that require the data to select and serve relevant adverts to You and others.
- Analytics and search engine providers that assist in the improvement and optimisation of Square Health Services and/or Square Health Apps.
We may disclose Your personal data to third parties:
- In the event that we sell or buy any business or assets, in which case We may disclose personal data on any anonymised basis to the prospective seller or buyer of such business or assets. But we will never disclose health or medical information or other sensitive personal data for this purpose.
- If all or substantially all of Our assets are acquired by a third party as part of a sale or transfer of our business, in which case personal data held by Us about our clients and users will be one of the transferred assets.
- If We are under a duty to disclose or share the personal data in order to comply with any legal obligation, or to protect the rights, property, or safety of Us, Our clients and users, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Other than as above We will not share Your personal information with third parties without Your consent.
How we store your personal data
All personal data relating to You and provided or collected via Our website will be stored on secure servers located in the UK or EEA.
Passwords and security
Where We have given You (or where You have chosen) a password which enables You to access Our website or any part of it, You are responsible for keeping this password confidential. We ask You not to share a password with anyone.
We encrypt data which are transmitted via Our website. However, the transmission of information via the internet can never be completely securedue to security threats outside Our control. For this reason, although We will do our best to protect Your personal data, We cannot guarantee the security of Your data transmitted via Our website. Once We have received your information, We will use strict procedures and security features to minimise the risk of unauthorised access.
Our website may contain links to and from third party applications or websites. If You follow a link to any of these applications or websites, please note that these applications or websites have their own privacy policies and that We do not accept any responsibility or liability for these policies. Please check these policies before You submit any personal data to these websites.
Retention of Your personal data
Personal data relating to You which is in a non-digital form will be securely destroyed within a maximum of 90 days unless it is required in order to provide a service to You or to process an application by You. Personal data which is in digital form may be retained by Us for the period required to comply with Our obligations to insurance and financial providers or other third parties and/or other legal obligations. All personal data retained by Us will be held securely as described in this privacy policy.
Your rights
Data Protection Law gives you the right to access information held about You and to ask Us to update or correct any inaccurate information. You also have the right to request us to delete Your personal data (‘right to be forgotten’) unless We have a contractual/legal requirement to keep your data.
We will not use Your personal data for marketing purposes without Your consent. If you have given Your consent, You have the right to withdraw Your consent and to ask Us not to use Your personal data for marketing purposes. If you have elected to receive marketing materials, at any time subsequently You can ask not to receive marketing materials.
You can exercise Your rights by writing to Us at Crown House, William Street, Windsor SL4 1AT OR by sending your request to data.protection@squarehealth.com.
Data Protection Law also gives You the right to complain to the Supervisory Authority (www.ico.org.uk) about our data processing activities.
Changes to our privacy policy
Any changes We may make to Our privacy policy in the future will be displayed on Our website or at Our discretion may be notified to You by email or SMS. New terms may be displayed on-screen and You may be required to read and accept them in order to continue to use Our website.