Managed Self Ltd ("we", "us", "our", "Delfin Health"), a company registered in England & Wales with company number 10696687 with registered offices at 10th Floor Met Building, 22 Percy Street, London, England, W1T 2BU.
We are committed to protecting and respecting your privacy. We are a data controller under UK law. This means we are responsible for determining the purposes for which and the manner in which your personal information provided to us is processed.
Personal information means information that identifies you personally such as your name or contact details, or data that can be linked with such information in order to identify you.
Please note that we interact with other third parties and in some cases we are simply processing your personal information on their behalf. Such third parties may also be data controllers in their own right and have their own privacy policies.
You may give us information about you by entering information on our app which can be downloaded via the major app stores (Delfin Health App) or our website, which can be found at www.delfinhealth.com (Website); allowing us access to data about you held by third parties; filling in forms; or by corresponding with us by phone, e-mail or otherwise. You may also give us information, and we may collect and process information about you resulting from, any interactions you undertake or services you request or source from us.
It will be clear at the time what personal information we are requesting from you. If you do not provide the personal information necessary or withdraw your consent for the processing of your personal information, where this information is necessary for us to provide the relevant risk management health solution services (Services) to you, we will not be able to provide these Services to you. You don't have to provide data and can simply choose to stop using the Delfin Health App or our additional Services.
Each time you use the Delfin Health App we may automatically collect the following information:
We will collect the following information to set up your account and security profile, and administer and maintain your account, including for any technical updates to or technical support for the Delfin Health App:
Sharing feature - other than your name and email address, people you have shared your data with via the sharing feature will only be able to see the information you have chosen to share with them. They will not be able to see or access your security information and other information you choose to withhold. You can at all times revoke access to information that they have access to.
We may also receive information about you from third parties to facilitate provision of applicable Services. This may include information provided from your GP or other healthcare provider such as your name, NHS number and relevant contact details as well as sensitive information about you including your medical records. They provide such data to us to enable us to provide the Services to you and only where you have requested the provision of such data.
Delfin Health will process your personal information:
1. To provide services to you or where we have a contract with you:
2. Where we have a legal obligation:
To make disclosures as required by or in compliance with reasonable requests by regulatory bodies or as otherwise required by law or regulation.
3. Where it is in our legitimate interest:
To maintain a suppression list should you opt-out of receiving communications. This is in our legitimate interest to ensure that we are not at risk of breaching data protection laws by communicating with you where you have asked us not to.
Where we rely on legitimate interest as a ground for processing your personal information, we carry out an internal assessment to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests, before we go ahead with such processing. We keep a record of these internal assessments. You have a right to the information contained in these balancing tests on request and can find out more by contacting us using the details below.
4. Where we have your explicit consent:
Where any of the personal information we use contains data concerning health related information and ethnic information, religious or philosophical beliefs, trade union membership data, genetic/ biometric data and sex life or sexual orientation data (together "sensitive information"), in addition to the above, where you provide this data to us directly through your use of the Delfin Health App, Website or applicable Services, we rely on you having provided us explicit consent to use such data when you provide us with this personal information.
5. Recommendations and Personalisation:
We will use your personal information to recommend content, products and services that might be of interest to you, identify your preferences, and personalise your experience with Delfin Health. Where any of the personal information we use contains sensitive information, in addition to the above, where this data is received from third parties we rely on the lawful basis of third party data provider to use such data for recommending health and wellbeing products and services.
If you choose to use our health score, chronic disease risk assessment and associated functionality you consent to us analysing your data in order to conduct analysis and research into improving health and wellness for everyone. In return you will receive the benefits of that research in the form of improved information. We will contact you with opportunities to share your data for the benefit of population health and medical research. We will create a profile of you based on your use of our application, conditions, symptoms, treatment, medications, vaccinations and measurements, for use (but only where we consider that these complement, interface or align with or are relevant to, your use of the Delfin Health App and your profile), as follows:
WHEN WILL WE SHARE YOUR PERSONAL INFORMATION?
Information about our customers is an important part of our business and we are not in the business of selling our customers personal information to others. We share personal information only as described below:
We will not:
HOW DO WE STORE YOUR PERSONAL INFORMATION?
We will store your personal information within our infrastructure using one or more Third-Party Service Providers, which are all located in the UK or EU. All data will be encrypted when being transferred.
Your data may be transferred outside of the UK or EU, for example, if we use a cloud service that has host servers located in another country. If your data is transferred outside of the UK or EU, it is done so under contract, which states how those companies or individuals must keep your data safe.
We take all steps reasonably necessary to ensure that your data is treated securely through strict procedures and security features to prevent unauthorised access to your personal information. Please contact us if you would like further information on the specific mechanism used by us when transferring your personal information out of the UK or EU.
HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?
We will retain your personal information for as long as needed to fulfil the purposes of providing our Services to you or for a period specifically required by applicable regulations or laws. For example, where you are registered for any of our Services, we generally keep your personal information for the duration of time you utilise that Service.
When determining the relevant retention periods, we will consider factors including:
we securely erase or anonymise your personal information where we no longer require your information for the purposes collected.
Any third parties that we engage will keep your data on their systems for as long as is necessary to provide the relevant services to you or us. If we end our relationship with any third-party providers, we will make sure they securely delete or return your personal information to us.
WHAT ABOUT THIRD PARTY SITES?
The Delfin Health App, Website and other Services we offer may contain links to other independent third-party websites or mobile applications ("Third-party Sites"). Clicking on those links or enabling those connections may allow third parties to collect or share data about you.
These Third-party Sites are not under our control, and we are not responsible for and do not endorse their content or their privacy policies (if any). You will need to make your own independent judgement regarding your interaction with any Third-party Sites, including the purchase and use of any products or services accessible through them.
WHAT RIGHTS DO YOU HAVE?
By law, you have a number of rights (subject to certain conditions) when it comes to your information. Further information and advice about your rights can be obtained from the data protection regulator in your country (in the UK this is the www.ico.org.uk. ICO). You can exercise any of these rights by contacting us through our details below.
We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:
Alternatively, we may be entitled to refuse to act on the request. Please consider your request responsibly before submitting it. We will respond to all such requests within the time period required by law. Generally, this will be within one month from when we receive your request but, if the request is particularly complex and going to take longer to deal with, we will come back to you and let you know.
If you are only a visitor to the Website and have not subscribed to the Delfin Health App, then we will not usually ask you to provide any health, wellbeing or medical data. Please note that if you or someone on your behalf makes any public posts to message boards or social media about your health, wellbeing or medical circumstances, you will be regarded as having agreed to such publication.
However, we will collect the following:
We may use the data that we collect about you in the following ways:
Delfin Health / Managed Self Ltd
10th Floor Met Building
22 Percy Street, London
England, W1T 2BU
Our email address is firstname.lastname@example.org
If you are not satisfied with our response to a complaint you have made, or think we aren't complying with data protection law, you can make a complaint to the UK data protection regulator - the Information Commissioner's Office:
Water Lane, Wilmslow,
Cheshire SK9 5AF
Phone number: +0303 123 1113