Privacy and cookies policy

Version number: 2

Effective date: 01/04/2020

 

 1. Who are we?

1.1  We are Healthpath Ltd trading as “Healthpath”. For privacy queries, you can contact us at hello@healthpath.com. Other contact details are on our website.

 

2. What’s the point of this policy?

2.1  It tells you what to expect when we collect your personal information via our website. Please only use our service if you are completely happy with this policy.

2.2  Generally, the policy covers only information provided to us. If you give personal information to other people, such as payment providers or other websites, please check their privacy policies.

 

3. Might the policy change?

3.1  Please check it whenever you visit our website. We will assume you agree to the new version of the policy if you use the site after its effective date. We may also notify you of any changes by email or in-service message.

 

4. What do we collect?

4.1  Information which you upload to our service or otherwise give us such as:

4.2  Some of this information will be “special category data”, such as details relating to your health.

4.3  Automated information about your use of our service such as: the internet protocol (IP) address used to connect your device to the internet, connection information such as browser type and version, information about your device including device-type and device identifier, operating system and platform, mobile network data, a unique reference number linked to the data you enter on our system, login details, the site from which you arrived at our service, details of your activity with date / time stamps including pages you visited and your searches / transactions.

4.4  The following information about you may be provided to us by other people:

 

5. What’s our reason / legal basis for collecting the information?

5.1  Because it’s necessary to take steps at your request to enter into a contract with you and/or to perform such a contract, e.g., send service messages, process payments and fulfil orders. This applies to initial enquiries and to contact and transaction details.

5.2  Because it’s in our “legitimate interests”, e.g., to manage and improve our service including tracking usage patterns and preventing or detecting fraud or abuse. This applies to automated usage data as well as to posts and similar information which you provide for public display on our service.

5.3  Because you’ve specifically agreed on our website. This applies to “special category data” (explained above) as well as contact or other information which you give or allow us to use for newsletters or other marketing. You can withdraw permission at any time as explained on our service or by emailing us at the above email address. You can withdraw permission at any time as explained on our service or by emailing us at the above email address.

 

6. How long do we keep personal information?

6.1  Until your account is closed or our contract with you has otherwise ended (or earlier if your account has been inactive for a certain amount of time provided we say so in our terms and conditions). You can close your account by emailing us at the above email address.

6.2  We may hold on to some of your information for longer (typically up to six years) if reasonably needed for legal or regulatory reasons, deal with disputes, prevent fraud or abuse and/or enforce our terms and conditions.

6.3  We will keep your information which we use only for newsletters or other marketing until you tell us to stop sending you such messages.

 

7. To whom do we send or make available your personal information?

7.1  To other people who supply us with a service, e.g. labs, couriers, fulfilment companies, website hosts, customer service providers, and businesses which help us send communications or monitor our website and which provide us with e-commerce, analytics, online advertising and other IT services.

7.2  To other users of our service, if you use personal information when posting in the community section of our website.  

7.3  To regulators, the police and other law enforcement authorities if requested to help deal with fraud and abuse and/or comply with legal requirements.

7.4  To insurers and professional advisers in connection with our insurance cover or to deal with legal claims.

7.5  To potential buyers so far as reasonably necessary, in the case of an actual or proposed (including negotiations for a) sale or merger or business combination involving all or the relevant part of our business.

7.6  Important: We will only disclose health data where absolutely necessary to do so – e.g., to labs to enable testing.

 

8. Do we send your information outside the European Union?

8.1  Your personal information which we collect is stored within the EU and is not transferred to any third countries except as follows.

8.2  Your personal information may be transferred to the US by the following companies certified under the EU-US Privacy Shield Framework, which provides certain safeguards for your personal information: Google, Facebook, Microsoft and Hubspot (all for the purposes of analytics / online advertising).

 

9. What rights do you have?

9.1  If the legal requirements are met: To ask us for access to your personal information, to rectify it if there are mistakes, to delete or restrict its use in certain circumstances or to “data portability” or to withdraw any consent you’ve given (e.g. marketing).

9.2  You may also have the right to object to use of your personal information in certain circumstances.

9.3  If you have a complaint about how we are dealing with your personal information, please contact us via the email address above. If you are not happy with our response or think we are not handling your personal information in accordance with the law, you have the right to complain to the Information Commissioner’s Office (ICO).

9.4  For more information about your rights, visit the ICO’s website: ico.org.uk.

 

10. What about cookies?

10.1  We and/or other companies use cookies and other tracking technologies on our website. A cookie is an identifier (a small file of letters and numbers) that is sent to your web browser. Cookies are widely used to make websites work, or work more efficiently, as well as to provide information to the website owner or others. Some are session temporary “session” cookies that remain in the cookie file of your browser only until your browser is closed. Whereas persistent cookies stay for longer (depending on the lifetime of the specific cookie). For further information on cookies, including how to use your browser to block them and how to delete existing cookies, visit: allaboutcookies.org. Our site’s functionality will be limited if you configure your browser to reject cookies.

10.2  We ourselves place the following types of cookies:

Type of cookies Purpose
Logged-in status Assess whether you are logged in to our site
Authentication Identify and authenticate you to help you move easily through the site
Shopping cart Remember contents of your cart and related preferences
Security Provide security-related features to protect our site, for example to help stop fraudulent logins
Cookie notice Store your response to our cookie notice

 

10.3  Companies which provide us with a service also place cookies. Some of these cookies (e.g. from Google) may involve certain information, such as your IP address and web address of the page you’re visiting, being sent to the company concerned. Below is a summary of the kinds of cookies used together with details about who places them and where you can go to get more information and to opt out (where possible):

Google Analytics (“GA”). More:

– general information about the types of cookies placed by Google including analytics

– a technical explanation of GA cookies

– Google’s use of its partners’ data including how to control information collected by Google

– how to specifically opt out from GA cookies

– Google’s privacy policy

 

Google (including Analytics Ad Features / AdSense / Doubleclick)

– general information about the types of cookies placed by Google including advertising

– how Google uses cookies and other technologies in advertising including how to opt out of  advertising cookies (this explains how ad personalisation works)

– Google’s use of its partners’ data including how to control information collected by Google

– Google’s privacy policy

 Facebook (including “Facebook Pixel”)

– Facebook’s cookies policy (see especially under “Advertising, recommendations, insights and measurement”) including how to control Facebook’s use of cookies

– Facebook’s privacy policy

 Microsoft’s Bing

– Microsoft’s privacy policy including how to control Microsoft’s use of cookies

Note that there are various places where you can go to opt out of many companies’ advertising cookies in one go including some or all of the above:

networkadvertising.org/choices

http://www.youronlinechoices.com/

http://optout.aboutads.info

 

– Paypal’s privacy policy

– Stripe’s privacy policy

 

– Facebook’s privacy policy

– Google’s privacy policy