- INTRODUCTION
We, Avegen Limited (“Company”, “we”, “us”, “our”) are the owners of the mobile application (the “App”). The App facilitates the Patients to schedule appointments with the hospitals/clinicians, assists Patients to store health records, physical activity information collected through wearables, in a digital format, learn about health-related topics, pursue activities that might improve health, share health records and reports and interact with the hospitals/clinicians (“Services”).
We respect data privacy rights and are committed to protecting personal information collected on the App. This privacy policy (“Privacy Policy”) sets forth how we collect, use, and protect the personal information collected on the App. It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on the App when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them.
PLEASE READ THIS PRIVACY POLICY CAREFULLY. BY CLICKING “I AGREE” OR BY CONTINUING TO USE THE SERVICES, YOU AGREE TO THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, YOU MAY NOT AVAIL THE SERVICES OR ACCESS THE APP.
IF YOU ARE USING THE SERVICES OR ACCESSING THE APP ON BEHALF OF A THIRD PARTY, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO USE AND AVAIL SERVICES OR ACCESS THE APP AND TO BIND SUCH THIRD-PARTY TO THE TERMS AND CONDITIONS OF THIS PRIVACY POLICY AND, IN SUCH AN EVENT YOUR USE OF THE SERVICES OR THE APP SHALL REFER TO USE BY SUCH THIRD PARTY. IF YOU DO NOT HAVE SUCH AN AUTHORITY (TO PROVIDE ANY PERSONAL INFORMATION OF A THIRD PARTY) OR DO NOT AGREE TO THE TERMS OF THIS PRIVACY POLICY, THEN YOU SHOULD REFRAIN FROM USING THE SERVICES.
This Privacy Policy is an electronic record in the form of an electronic contract being compliant and construed in accordance with the data protection laws of various jurisdictions such as the European Union (“EU”) general data protection laws (“the GDPR”), the UK Data Protection Law and Indian Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 under Information Technology Act 2000 (“Privacy Rules”) that require publishing of privacy policy for collection, use, storage and transfer of sensitive personal data or information.
- DEFINITION
- “You”, “Your”, “Patient(s)”, means and includes the individuals such as Patients and their permitted users that avail the Services through the App.
- “Patient Content” means and includes Patient reports, clinicians/hospital details, health information, photographs, uploaded by the Patient on the App.
- “UK Data Protection Law” means the UK GDPR, the United Kingdom Data Protection Act 2018, the Privacy and Electronic Communications Regulations, and any regulation superseding any of the foregoing.
- PERSONAL INFORMATION COLLECTED
This Privacy Policy applies to Personal Information provided by the Patients to avail the Services. For purposes of this Privacy Policy, “Personal Information” means information that can be used to personally identify the Patient, including but not limited to Patient’s name, contact number, gender, e-mail address and physical address.
- Personal Information collected to provide the Services- To avail the Services, Patient is required to complete the registration/subscription formalities, after completion of such formalities, Company shall create an account for the Patient (“Patient Account”). During the registration process, and for availing the Services Patient will be required to share/upload certain Personal Information. As per the provisions of the GDPR and the UK Data Protection Law we shall be considered the processor of the Personal Information shared by the Patient to avail the Services.
- Technical Data: We may also collect some technical Data that includes internet protocol (IP) address, your login data, time zone setting and location, and other technology on the devices you use to access the App.
- For troubleshooting, product surveillance and improvements, the following data points will be collected:
- The application version
- Platform OS (Operating System)
- Model name of the device
- Last authentication date
- Last login by the user
- Wearables: When you access our App by using your wearable devices, we may collect your Personal Information during the authentication and login process. We may also collect data related to your physical activities including but not limited to number of steps completed, heart rate, number of floors climbed and such other information as captured by such wearable devices.
WE MAY COLLECT MEDICAL INFORMATION, HEALTH SENSITIVE DATA, SPECIAL CATEGORIES OF DATA. YOU MAY, TO AVAIL THE SERVICES, VOLUNTARILY SHARE YOUR MEDICAL INFORMATION, HEALTH SENSITIVE DATA WITH THE ORGANISATIONS OR HOSPITALS.
- TRACKING TECHNOLOGIES
We use third-party tracking technologies, analytical tools to improve our App and your experience while using our App.
The App uses Google Analytics (formerly Firebase Analytics), a mobile app analytics service provided by Google Inc. (“Google”). This is done by anonymously sending tracking events which enable the analysis of your use of the App. The information generated through these events about your use of this App is usually transferred to a server of Google in the US and stored there. In case of activation of IP anonymization on this App your IP address from Google will be truncated within Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the US and shortened there. You can refuse the use of tracking events by selecting the appropriate setting through the settings menu within the App.
- ACCURACY OF INFORMATION
You undertake that you shall be solely responsible for the accuracy, correctness, or truthfulness of the Personal Information shared with us whether of your own or any third party. In the event you are sharing any Personal Information on behalf of a third person, you represent and warrant that you have the necessary authority to share such Personal Information with the Company, obtained a written consent from such third party and the Company shall not be responsible for verifying the same. You understand and acknowledge that such Personal Information shall be subject to the terms and conditions of this Privacy Policy.
- SUPPORT PROGRAMME
One of the aims of the App is to enable digital patient care programmes (“Digital Care Programme”). In instances where there is a team, they can monitor the Patients’ current state of health and treatment, which hospitals, clinicians/organisations can do by directly accessing the information Patients provide. None of this information will be visible to Company, or its associated companies, and may only be accessed by the technical service provider partner of the App. The technical service provider has committed to maintaining the strictest confidence in such circumstances. The information entered into the App is in confidence between hospitals, clinicians/organisations and the Patients and/or the carers.
Company will, with the prior written consent of the Patients and / or carers, only have access to data that does not contain any information that could identify a particular Patient and for specific and limited purposes which may include providing the anonymised data to a third party who will report back on the usage of the App and the programme. Certain information collected on the App may be anonymised and used to measure usage of the App and to improve its content.
- ANONYMIZED DATA
We may also use your Personal Information collected to create aggregated or anonymized data. We shall ensure that such data will not be directly identifiable to you or to the Personal Information shared with us. We may use such data for any purpose including but not limited to conduct research, analytical purposes, and to improve our Services. By using the Services through our App, you provide us the right to use your Personal Information to create anonymized data and use it for our business purposes.
- USE OF PERSONAL INFORMATION
We may use the Personal Information to fulfill the following business purposes:
- To provide you the Services and assist you in the event you need any additional support. In particular, we use the information collected from your wearable device to provide services like
- Recording your activity including but not limited to the number of steps that you have completed, number of floors that you have climbed, heart rate etc
- Generating health reports based on your activity on a daily, weekly or monthly basis
- Calculating whether you have achieved your goals or commitments
- To assist you during any technical difficulties that may arise in relation to your use and access of the Services.
- To maintain and manage Patient Account;
- To manage our relationship with you;
- To provide you information about any new offerings/and or our periodic newsletter.
Legal Basis for Processing Personal Information:
We will not process your Personal Information without a lawful basis to do so. We will process your Personal Information as per the provisions of the UK Data Protection Law and GDPR and only on the legal basis of consent, contract, or on the basis of our legitimate interests, provided that such interests are not overridden by your privacy rights and interests.
- DISCLOSURES
We do not sell, rent, distribute, lease or otherwise provide your Personal Information to third parties, without your prior consent. However, in course of providing Services to you or access to the App we may share your personal Information with certain parties. Accordingly, you expressly give your free consent to us to disclose or share your Personal Information in the following cases.
Affiliates: We may provide Personal Information we collect to our affiliates. For example, we may disclose Personal Information to our affiliates in order to respond to your requests for information or the Services.
Administrators: We may provide access to your Personal information to any of our authorized administrators for an internal business purpose, who shall be under confidentiality obligations towards the same.
Data Controller: We may provide access to your pseudonymized Personal information to the Data Controller, who shall be under confidentiality obligations towards the same.
Service Providers: We may share your Personal Information with the service providers, who are working with us in connection with the operation of the Services or the App, so long as such service providers are subject to confidentiality restrictions consistent with this Privacy Policy.
Merger or Acquisition: We may transfer your Personal Information if we are acquired by or we acquire or merge with another company or transfer a part of our business, including the App, to a third party. Any third party or resultant entity that receives your Personal Information pursuant to a merger, demerger, amalgamation, reconstruction, change in control or business transfer shall have the right to continue your Personal Information. In the event of such a sale or transfer, we may notify you.
Legal and Regulatory Authorities: We may in order to comply with our legal obligations/ court orders/ requests by Govt. authorities share Personal Information with legal and regulatory authorities.
- TRANSFER OF YOUR PERSONAL INFORMATION ACROSS BORDERS (FOR EU RESIDENTS)
Your Personal Data is stored on servers within the EU. There may be instances when the processing of your Personal Information will involve a transfer of Personal Information outside the European Economic Area (the “EEA”). Whenever we transfer your Personal Information out of the EEA, we ensure that a similar degree of protection is afforded to it by ensuring that any such international transfers are either necessary for the performance of the relevant software as a service agreement (relating to your use of the Support Programme) and the overseas recipient or are made subject to appropriate or suitable safeguards as required by your local data protection laws. If you have questions, please contact Support@healthmachine.io
- DATA RETENTION
We will retain your Personal Information as long as it is required to be retained for the purpose of provision of the Services. We may also retain and use your Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
- SECURITY
Your Personal Information is stored on the AWS cloud servers located within the European Union. We have implemented technical and organisational measures to safeguard Personal Information against loss, destruction, access, modification or dissemination by unauthorised persons. Access to Personal Information is only permitted for a limited number of authorised persons. We have implemented encryption at rest for on-disk data, two factor authentication and pseudonymisation as privacy enhancing technologies. All network communication is encrypted with TLS 1.2 and we have incorporated data protection By Design and By Default into our systems. Although we provide appropriate firewalls and protections, we cannot warrant the security of any Personal Information transmitted as these systems are not hack proof. Data pilferage due to unauthorized hacking, virus attacks, technical issues is possible, and we assume no liability or responsibility for it.
Patient is responsible for all the actions that take place under the Patient Account. If the Patient chooses to share patient Account details and password or any Personal Information with third parties, the Patient is solely responsible for the same. If Patient loses control of the Patient Account, Patient may lose substantial control over its Personal Information and may be subject to legally binding actions. It is Patient’s responsibility to keep Patient’s password confidential and secure.
- CHILDREN’S AND MINOR’S PRIVACY
The Service is not directed to individuals under the age of 16, and we request that these individuals not provide personal information through the Service. If your child has submitted Personal Information and you would like to request that such Personal Information be removed, please contact us as explained below under Contacting Us.
- ACCESSING AND MODIFYING PERSONAL INFORMATION
In case you need to add, modify or delete the Personal Information, a request will be required to be raised with our tech support team at Support@healthmachine.io. You can make changes to your Personal Information by yourself as well.
- YOUR RIGHTS
You have the right to access your Personal Information in our possession, right to have us rectify or modify any such Personal Information, right to have us erase/delete your Personal Information, right to restrict us from processing such Personal Information, right to object to our use of your Personal Information, right to request to port your Personal Information, withdraw consent at any time where we are relying on consent to process your Personal Information. If you withdraw your consent, we may not be able to provide certain products or services to you. We may need to request specific information from you to help us confirm your identity or also contact you for further information in relation to your request.
You will not have to pay a fee to access your Personal Information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
If you would like to exercise ANY of these rights, please contact Support@healthmachine.io. If you are a resident of the EU and UK, you have the right to lodge a complaint with a data protection authority/supervisory authority of your region.
For UK residents – You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (https://ico.org.uk/make-a-complaint/). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
- LINKS TO OTHER WEBSITES
Our App may contain links to other websites/applications of your interest. Please note that we do not have any control over such other websites/applications, and you will be accessing these websites/applications at your own risk. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such websites/applications and those are not governed by this Privacy Policy. You should exercise caution and look at the privacy policy applicable to such websites/applications.
- CHOICE AND OPT-OUT
We may send you communications including but not limited to (a) notices about your use of our App and Offerings, including those concerning violations of use, (b) updates, (c) promotional information regarding our Offerings, and (d) newsletters. You may opt out of receiving promotional emails and newsletters from us by following the unsubscribe instructions provided in those emails. Alternatively, you can opt out, at any time, by emailing Support@healthmachine.io with your specific request.
- LIMITATION OF LIABILITY
YOU EXPRESSLY UNDERSTAND AND AGREE THAT THE COMPANY SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO, DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA, INFORMATION, DETAILS OR OTHER INTANGIBLE LOSSES (EVEN IF THE COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES), ARISING OUT OF THIS PRIVACY POLICY. THE FOREGOING LIMITATION OF LIABILITY SHALL APPLY NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY HEREIN.
- INDEMNIFICATION
You agree to indemnify us, our subsidiaries, affiliates, officers, agents and employees (each, an “Indemnified Party”) and hold the Indemnified Party harmless from and against any claims and demand, including reasonable attorneys’ fees, made by any third party due to or arising out of or relating to: (i) accuracy and correctness of Personal Information and Patient Content that you submit or share through the App and (ii) violation of this Privacy Policy and applicable laws by you and your permitted users.
- GOVERNING LAWS AND DISPUTES
This Privacy Policy shall in all respects be governed by and construed and enforced in accordance with the laws of United Kingdom and the courts of United Kingdom shall have an exclusive jurisdiction to adjudicate any subject matter under this Privacy Policy.
- CHANGES TO THIS POLICY
Please revisit this page periodically to stay aware of any changes to this Privacy Policy, which we may update from time to time. If we modify this Privacy Policy, we will make it available through the App and indicate the date of the latest revision. In the event that the modifications materially alter your rights or obligations hereunder, we will make reasonable efforts to notify you of the change through our App.
This Privacy Policy was last modified on 25th April 2022.
- CONTACT US
If you have any questions or concerns or grievances regarding this Privacy Policy including any requests to exercise your legal rights, you can contact us at compliance@avegenhealth.com.
Postal address: Avegen Ltd. HQ King’s Cross, London CWC1X 8BP, United Kingdom