PATIENT WATCH is provided by Patient Watch Ltd (“we”, “us”, “our”, “PW”), a company registered in England with company number 14114586 a registered offices address at 15 LEOPOLD STREET, ENGLAND, BIRMINGHAM, B12 0UP.

PW acts as a “controller” in respect of certain personal data shared through Patient Watch. This means that PW is responsible for deciding how to hold and use this personal data and references below to “we”, “us” or “our” are to PW.

We are committed to protecting and respecting your privacy.

SCOPE OF THIS PRIVACY NOTICE

This notice (together with our end-user licence agreement as set out at Terms of Use (“TOU”) and any additional terms of use incorporated by reference into the TOU applies to your use of:

• the PATIENT WATCH Service (the “Service”) accessible through our website at https://www.patient-watch.com/ (the “Site”);

This notice sets out the basis on which we will process any personal data we collect from you, or that you provide to us. ‘Processing’ for the purposes of this notice covers a very broad range of activities, including using, transferring, storing and even deleting data.

Please read the following terms carefully to understand our views and practices regarding your personal data and how we will treat it.

For the avoidance of doubt:

• By registering with, or using, the Site, or supplying data or information on the Site you acknowledge that you are aware of the collection, use and transfer of the relevant data and your personal data under the terms of this privacy notice (and the Terms of Use).

PERSONAL DATA WE MAY COLLECT IN RELATION TO YOU

We may collect, and process, the following types of personal data about you:

• You may give us information about yourself (“Submitted Information”) by a number of different routes, including:
  • information you provide to us or that we may collect, including but not limited when you:
    • Register
    • Edit your profile
    • Change your password
    • Verify a phone number or email address
    • Create a diary
    • Log a pain score
    • Send an email or SMS to or from site including all email addresses ending @patient-watch.com.
  • . The information that you give us or that we collect may include your name, email address, phone number, hospital number, GMC and password.
  • if you contact us, we may keep a record of that correspondence;
  • information provided when submitting or updating a request for support or contacting our support teams;
  • information provided in response to any surveys or requests for information which we may send to you from time to time or which you complete on our website (in line with your marketing and communications preferences as referred to above);
  • information collected as a result of any monitoring which may take place. We may monitor (which may include recording) certain interactions between us in order to comply with any legal obligations, to detect fraud or criminal activity as well as for training purposes; and/or
• Information we collect about you and your Device. Each time you visit the Site we may automatically collect the following information:
  • technical information, including the type of mobile device you use, a unique device identifier, mobile network information, your mobile operating system, and time zone setting (“Device Information”);
  • health information stored on your Device which you have explicitly consented to sharing, and the providence of that data including the device used to collect that data, time, date (“Content Information”); and
  • details of your visits to the Site, and the resources that you access (“Log Information”).

Age Limits

You may only access the Service if you are at least 18 years old.

USES MADE OF THE INFORMATION

We may use personal data we collect about you in the following ways:

• Submitted Information: We will use information which you submit as part of registering to use, or where you are using the Service in order to manage your account, to deliver the Service, to provide technical support, to contact you (including, without limitation, via SMS) so as to notify you regarding any important updates relating to the Site, to answer queries you might raise regarding the Site and for our own internal administrative purposes.
• For marketing purposes: We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising, including the following personal data control mechanisms:
  • We may use your identity, contact details and Device Information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (i.e. ‘marketing’).
  • You will receive marketing communications from us if you have requested information from us or receive services from us and you have not opted out of receiving that marketing.
  • We may ask you to identify areas of particular interest (which may be related to certain conditions) and if you choose to provide those details then we may send you information which we feel may be relevant to those areas of interest or which might otherwise be of interest to you based on the preferences identified.
  • We will get your express opt-in consent before we share your personal data with any third party for their marketing purposes.
  • You can ask us (or any third parties) to stop sending you marketing messages at any time (see below for further details).
• Survey responses: We will use this information for the purposes outlined in the relevant survey or request for information (referred to generally as ‘surveys’). If a survey involves the provision of information relating to your physical or mental health then this data will be held securely and will not be used other than for the purposes provided to you when you completed the relevant survey (though we may use anonymised data from the survey in order to undertake research in to trends and to provide insights into the relevant condition(s) and we may share that anonymised data with third parties). If you agree as part of the survey to our contacting you further, then we may do so to supply you with information that may be of interest to you; or in order to determine whether you would want to be further involved in any follow-on surveys or medical research opportunities.
• Device Information: We will use this information to help ensure that Patient Watch presents the correct version and data for your Device.
• Content Information: health information submitted through the Site for the purposes of storing that information and to make it available to you or (with your consent) your nominated health practitioner as you may request from time to time.
• Log Information: this is stored for security and audit purposes and to ensure that we are able to support your use of Patient Watch.
• For security and safety purposes: we monitor activity in order to help protect our users from security threats and to detect if users are trying to misuse any element of the Site or to use them in an unauthorised manner. We may also use your contact information in order to alert you to any relevant security issues or safety concerns of which we are aware.
• To statistically analyse user behaviour and activity: We will monitor user interest and behaviour to help us to understand general usage of the Site to help us improve the services we provide. We may also use this information to tailor the view of the Site or any communications you receive from us so as to provide you with what we believe to be more relevant information. We may conduct statistical analysis in respect of the Service, either ourselves or through an agency acting on our behalf and may share statistical data (that will not identify you) with relevant third parties.

We may associate any category of information with any other category of information and will treat the combined information as personal data in accordance with this privacy notice for as long as it is combined.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

BASIS ON WHICH WE PROCESS YOUR PERSONAL DATA

We may rely on a range of legal grounds in accordance with the applicable privacy laws in order to ensure that our use your personal data is lawful, including:

• where it is in our legitimate interests to do so (provided this is not overridden by considerations regarding your rights and interests), such as:
  • performing and/or testing the performance of, our products, services and internal processes;
  • following guidance and recommended best practice of government and regulatory bodies;
  • managing and auditing our business operations;
  • monitoring and to keeping records of our communications with you;
  • undertaking market research and analysis and developing statistics; and/or
  • for direct marketing communication purposes and to help us to offer relevant products and services;
• to comply with our legal obligations; and/or
• with your (explicit) consent.

DISCLOSURE OF YOUR INFORMATION

Disclosure of your personal data to third parties may arise in a number of scenarios, for example:

• If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request.
• In order to:
  • enforce or apply the Terms of Use and other agreements or to investigate potential breaches of the same; and/or
  • protect the rights, property or safety of PW, our customers, or others (acting at all times in accordance with our obligations under the relevant data protection legislation).
• In connection with a potential sale or transfer of part or all of our business. In such circumstances we may share information with prospective purchasers (for example as part of a controlled due diligence exercise).
• If we reorganise our business as we may need to transfer information about you to another member of our group of companies so that we could continue to provide the Service to you.

We will ensure that we comply with our responsibilities whenever sharing data with a third party.

HOW AND WHERE WE STORE YOUR PERSONAL DATA

We use strict procedures and security features designed to prevent any unauthorised or unlawful access to the personal data which we control.

Personal data which we hold in relation to you will be stored securely on AWS servers in the UK.

Where we have given you (or where you have chosen) a password that enables you to access certain parts of the Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone and that you use a unique password in respect of your Patient Watch account. We will hash and salt this password, and the unhashed password value will not be stored or transferred.

We will retain a record of your personal data in accordance with relevant law and the following criteria:

• where we have a reasonable business need to do so, for example, in order to manage our relationship with you;
• where we are providing products and/or services to you and then for as long as someone could bring a claim against us in respect of those products or services; and/or
• in line with any legal and regulatory requirements or guidance in respect of retention periods.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of any data transmitted to the Site; any transmission that you make is therefore made at your own risk. However, once we have received your data, we will use strict procedures and security features designed to prevent any unauthorised or unlawful access to the same and all information you provide to us will be stored securely.

The Site may, from time to time, contain links to and from the websites of our partner networks advertisers and affiliates. If you follow a link to any of these websites, please note that these websites (and any services that may be accessible through them) will have their own privacy notices, policies and terms of use and we do not accept any responsibility or liability for the same (and how they may be applied) or for any personal data that may be collected through those third party websites or services, such as contact and location data. Please check the relevant third party terms, notices and policies before you provide any personal data to those websites or use their services.

YOUR RIGHTS

You have a number of important legal rights regarding the manner in which personal data relating to you is used. You can find more information about your rights on the Information Commissioner’s Office website – please see https://ico.org.uk/for-the-public/.

We have outlined below the key rights which we believe may be relevant to your use of the Site.

If you would like to exercise any of these rights then please contact us using the contact information provided below. Please note that you may be asked to provide us with reasonable proof of your identity so that we can be sure that we are discussing or providing your personal data with, or to, you (or if someone is making a request on your behalf, we need to check that they have the authority to do so).

Access to information

You have the right to access certain information we hold about you so that you can be aware of, and verify the lawfulness of, the processing we undertake.

You can exercise your right of access by making what is generally referred to as a ‘subject access request’.

We will review each request which we receive and if we agree that we are obliged to provide personal data to you then we will (subject to certain limited exceptions provided under the relevant law) amongst other things: (i) describe it to you; (ii) tell you why we are holding it; (iii) tell you who it could be disclosed to; and (iv) let you have a copy of it (this may include providing an electronic copy).

Right to have information corrected

If you identify that any personal data that we hold about you is wrong, inaccurate or out of date then you may ask us to correct or update it. Please contact us via the details provided below and we will review each request and respond accordingly.

Right of erasure and the right to stop or limit our processing of your personal data

The right of erasure is also known as the ‘right to be forgotten’. You have the right to ask us to erase data we hold about you. Alternatively, you can ask us to stop or to limit any processing we are undertaking in respect of your personal data. These rights arise if we no longer have a valid reason to do so or if we have held it for too long.

These are not absolute rights but every request we receive will be considered carefully and we will respond accordingly (providing grounds for any decision we make).

Right to withdraw consent

You are free to withdraw any consent which you have given to us in relation to our use of your personal data at any time (for example, in relation to any Health & Fitness Data or in respect of the Medication Assistant service). Please note that not all uses which we make of your personal data require your consent (for example, if we need to use that information in order to provide a service you have requested then we do not need your consent in order to do so). If you choose to withdraw consent in respect of Health & Fitness Data or Medication Assistant then you will no longer be able to use that functionality in respect of the Service (including, where relevant, Medication Assistant).

Right to object

You have the right to object to the processing of your personal data at any time. This effectively allows you to stop or prevent the processing of your personal data.

An objection may be in relation to all of the personal data we hold (as a controller) about you or only to certain information. It may also only relate to a particular purpose we are processing the data for.

You have the right to object where we are processing your personal data for direct marketing purposes by following the opt-out links on any marketing message sent to you or by contacting us at any time. Save in relation to direct marketing communications this is not an absolute right but every request we receive will be considered carefully and we will respond accordingly (providing grounds for any decision we make).

Right to complain

If you are unhappy about the way in which we have processed your personal data then you have a right to raise the issue or to lodge a complaint with the Information Commissioner’s Office – as noted above please see https://ico.org.uk/for-the-public/ for further details.

Changes to our privacy notice

We will keep this privacy notice and we may update it from time to time (for example, to reflect changes we might make to our services or to reflect changes in the law or best practice). Any changes we may make to our privacy notice in the future will be posted on this page. We encourage you to visit this page periodically so that you are aware of any changes which have been made. In addition, changes may be notified to you by e-mail or when you log onto the Site. The new terms may be displayed on-screen and you may be required to read and accept them to continue your use of the Service or the Booking Service or Medication Assistant.

Contact Details

If you have any comments or concerns regarding our privacy notice, or the manner in which we handle your personal data or if you would like to exercise any of the rights outline above then please do feel free to contact us by one of the following means by email: info@patient-watch.com

We will consider your comments and respond accordingly. Please note that if you have a ‘support’ query (for example you are having issues in accessing the service) then please refer to our support site - https://patient-watch.com/info.