CORLIFE APP PRIVACY NOTICE | January 2020
You have the right to be informed about our use of your personal data. This notice tells you particularly about use of the personal data that we collect from you while you use the CorLife app. This notice provides you with the following information:
- The types of personal data we collect (and our sources)
- Your choices about what personal data we collect and use
- How we use your personal data, and our legal bases
- Sharing your personal data
- Where your personal data is located
- Retention periods for the personal data
- Your rights in respect of your personal data
- Changes to this notice
- Complaints to the regulator
- Details about us and our Data Protection Officer
- Glossary of terms used in this notice
We will only use your personal data in accordance with this notice (and any similar notice that we provide to you from time to time).
THE TYPES OF PERSONAL DATA WE USE (AND OUR SOURCES)
We and the app will use the following types of personal data. Except where stated otherwise in this section, the personal data will be inputted directly by you or received from slave devices that you connect to the app:
Account information – We need personal data to create your account. The minimum is your name, date of birth and email address, which we obtain from your employer. The app will generate and email to you a one-time password for you to access the app for the first time, when you will be asked to reset it using a permanent password, for your own security. You may also choose to add other personal data to your account. You will see the choices when you access the app. They are likely to include information such as your birth gender, ethnicity, a profile photograph, phone number, postcode, your long term vision, your health vision, current key people in your life and your relationship to them. We also keep a record, on our infrastructure, of who you work for.
Health screening questionnaire data and blood test results – We ask you to provide personal data in response to the health screening questionnaire which we provide when you start the coaching process. You complete the questionnaire via the app, and tell us about your health, your immediate relatives’ health, and your lifestyle. If you have blood tests carried out, the laboratory will send the results directly into the app infrastructure using a unique identifier (in order to avoid transmitting information that directly identifies you).
Bio-metrics from your slave device – If you connect a slave device to the app, we will collect personal data directly from the slave device or the slave device’s API. The devices collect data to estimate metrics like the number of steps you take, calories burned, your weight and body fat percentage.
Bio-metrics from you – If you input the data when the app prompts or allows you to, the app will use measurements such as your weight, waist measurement and height.
Bio-metrics from a clinician – If we offer it, and you accept, a clinician may take body measurements such as your weight, height, blood pressure, waist and body fat.
Lifestyle information from you – If you input the data when the app prompts or allows you to, the app will use information such as: your food, drink and alcohol intake, whether you have any long-lasting disease, your medication, your smoking status, your mental health and stress levels.
App-generated information for you – The app uses your personal data automatically to generate a detailed report about your health, suggested health goals, your progress against goals that you engage with, and awards when you achieve the goals.
App-generated information for your employer – The app uses your personal data (together with personal data of other employees who your employer groups you with, in the app) automatically to generate a high level report about that group. Each report is about the group of employees that you are assigned to within the app, and is not specifically about you. The report indicates what proportion of the employee group has downloaded the app, how much members of that group are using and engaging with the app, and changes in health across the group during the Programme.
Usage information (events and activities) – We collect information via the app and analytics services about your interaction within the app, and all activity and events within the app. You will see the main events and activities when you access the app. For example, we will record when you log onto your account, when you have viewed content, how long you spend in each item, the pathways or order in which you view content, when you have completed questionnaires, when you choose a goal, trophy or badge, when you input evidence towards achieving a goal, when you post comments, and when you are awarded a trophy or badge.
Usage information (context) – We collect data via our app and analytics services about the devices and computers you use to access our app including IP addresses, browser type, language, operating system, information about your master device and slave devices (including identifiers of the device and apps installed on it), the referring web page, web pages visited, and the location of the device (depending on the location permissions you have set for the device and our app).
Usage information (compliance) – We may keep records about any breach of our App Terms and Conditions, Privacy Notice or applicable laws or regulations, and any associated investigation and correspondence.
Analytics services – We use analytics software code (which we incorporate into our app) and infrastructure provided by a third party (currently Amazon Web Services Inc, Google Inc and Microsoft Corporation) to help us collect, organise and interpret the usage information.
Correspondence – The app allows you to post comments and interact with other users. We may also keep and use records of our written and verbal correspondence with you, and records of your exercise of rights under Data Protection Legislation, and we may use management systems other than the app to log the start, progress and closure of enquiries, requests and other correspondence.
Cookies and local storage – Our app does not place cookies on your master device. The app keeps the following on your master device: your user ID for the app (in encrypted form) to authenticate you when you access the app. Personal data that you input into the app, and usage information, is sent to the app infrastructure when connectivity permits, and is not kept on your master device. Personal data that the app calls from the app infrastructure is also not kept on your master device. The app does not access other personal data on the master device apart from photos, if you choose to upload one.
YOUR CHOICES ABOUT WHAT PERSONAL DATA WE COLLECT AND USE
As far as we are concerned, you do not have to install the app, attend the blood test or give a blood sample, complete the health screening questionnaire, or allow the app to receive biometrics from slave devices. You have no contractual obligation to us, or statutory requirement, that means you must install the app, contribute personal data, or use the app.
If you choose not to install the app, contribute personal data to it or use the app, your decision is a matter between you and your employer. There may be a contractual obligation between you and your employer, that requires you to do one or all of these things: please check the Privacy Notice that your employer has provided to you.
If you choose not to install the app, we will not collect or use your personal data, and you will not get the benefit of the app or our services. If you choose to install the app but not complete the questionnaire or contribute other personal data, as a minimum we will need your Account information. In this case, the limited scope of personal data will mean you do not fully benefit from the health insights and benefits that the app and our other services can provide when more comprehensive personal data is available. For example, if you do not connect a slave device or allow the app to collect biometrics from it, you will not be able to use coaching journeys (see below) in the app.
HOW WE USE YOUR PERSONAL DATA, AND OUR LEGAL BASES
We use your personal data to provide, maintain and develop our app and services, and to personalise the services for you or your employer. Specifically, unless you tell us otherwise by exercising your rights, we use your personal data for the following purposes:
To book preparatory appointments for you – If you enrol in the Programme we will use your account information to book a blood test appointment, and if we offer it and you accept we will book an appointment for your biometrics to be taken by a clinician. Legal bases: your explicit consent, given to us as part of enrolment.
To generate health reports for you – The app automatically uses your health screening questionnaire responses, together with your blood test results, bio-metrics and lifestyle information collected during the Programme, to produce a detailed individual report which is only available to you, within the app on your device. Legal bases: your explicit consent, given to us via the app or in advance of your app account being created.
To inform coaching journeys – The app automatically uses your personal data to suggest goals (and to award badges when goals are achieved) that might be suitable for you to engage in to improve your health during the Programme. We use bio-metrics from your slave devices to track your progress. Legal bases: your explicit consent, given to us via the app or in advance of your app account being created.
To produce summary health reports for your employer – The app automatically uses your anonymised health screening questionnaire responses, together with your anonymised blood test results and bio-metrics collected during the Programme, to produce a summary report for your employer, which is only available to your employer, via the app employer website, during thenProgramme. The summary reports themselves do not contain personal data. They contain data about selected health factors, such as the number of employees with raised blood pressure. Legal bases: the legitimate interests of us and your employer, and for the purposes of preventive medicine, the provision of health treatment, and the management of a health care system
To carry out quality control – We use your personal data, combined with that of other users of the app, to carry out analysis for quality control, so that we can develop and refine the app to make it more accurate over time. Your health reports may be selected (the selection is random) to be reviewed by a Clinician to check the accuracy of the app’s health report generation feature. Your health reports may also be selected for review by a Clinician if certain results are outside expected parameters. These will be reviewed in case the app, rather than your health, is the cause of the unexpected results. In such a case, however, the Clinician may contact you to draw your attention to the results, and may encourage you to discuss the results with your GP. Legal bases: your explicit consent, given to us via the app or in advance of your app account being created.
To communicate with you – We use your contact details and our records of previous correspondence during the Programme to send you (at our own initiative) notifications about the app, and to respond to you when you contact us or post a message for us (e.g. on the App Store). Legal bases: your explicit consent, given to us via the app or in advance of your app account being created.
To develop new features and services – We may use your personal data (and particularly your usage information) to understand how you use our app, and to inform the development and improvement of our app and services and to develop new features. Legal bases: our legitimate interests in developing and improving the app.
To create anonymised datasets – We will use your personal data (including, for example, your “start” and “end” health profile, and goals, badges and trophies you have attempted or achieved) to create a new version of the data that does not identify you at all. We use anonymised datasets, which do not contain personal data, for any purposes, including marketing (e.g. to illustrate to other people the progress that unidentified users have achieved, using the app), health research, and further development of the app. Legal bases for creating the anonymised datasets: your explicit consent, given to us via the app or in advance of your app account being created.
For app and user safety and security – We use your personal data as part of safety and security measures within the app, for the benefit of you and other users, and third parties. For example, we may use your personal data to authenticate your access to the app, analyse your and others’ usage of the app to detect and protect against fraud and other unlawful acts or omissions, and to detect breaches of our App Terms and Conditions or Privacy Notices. Legal bases: our legitimate interests in app security, data security and user safety and (in the case of information relating to crimes) based on exemptions under the Data Protection Legislation.
To comply with legal requirements – We may use your personal data (other than your special category data) to comply with any legal obligation that applies to us. Legal basis: to comply with our legal obligations.
To deal with claims and disputes – We may use your personal data to establish, exercise or defend any legal claims. Legal basis: our legitimate interest in dealing with disputes in which we are party or have an interest, and to establish, exercise or defend legal claims.
SHARING YOUR PERSONAL DATA
Within the app you are able to share your personal data with others without involving us: the app will carry out your instructions automatically. You can:
- Use your account settings to control how much of your personal data that is used or generated by the app is available to your fellow employees or other users of the app; and
- Participate (or not) in community and social features of the app that enable you to engage with other users of the app, such as your profile photo, messages and sharing of your achievements or statistics.
We will not share your personal data with third parties, except in the circumstances described below:
If you direct us to share – You can direct us to disclose your personal data to third parties, who may include your GP or other physician, your employer.
To our processors – We will transfer your personal data to our processors, or otherwise permit our processors to use it. They can use the personal data only on our instructions. Our processors include: our staff; other members of our group of companies; the laboratories that carry out your blood test (to whom we provide your name and date of birth, prior to the blood test); our analytics service provider (currently Amazon Web Services Inc, Google Inc. and Microsoft Corporation), our IT service providers who provide, maintain, improve, manage, optimise or fix the app, our infrastructure and websites; our business service providers who provide customer support, sales, data analysis, research and survey services; and our professional service providers, being accountants, legal advisers and insurance brokers.
To other controllers – We may disclose your personal data to any court, tribunal, mediator or similar for the purposes of establishing, exercising or defending any legal rights; to any person who evaluates us, or any part of our business or assets, with a view to any share or asset-based merger, acquisition, sale or purchase transaction; our professional service providers will be controllers of the personal data that we provide to them, where required by their legal obligations or permitted by Data Protection Legislation.
Sharing and publication of anonymised data – We want you to be aware that we will use the information contained in the summary health reports that the app provides for your employer, alone or combined with other information or analysis, for our own business purposes. We will also use the anonymised datasets, outcome assessment reports and the service improvement and development reports (each as described above) for our own business purposes. We need a legal basis for using your personal data to generate the datasets and reports, but we do not need any legal basis for using them, because they do not contain any personal data. We may use information, for example, in our advertising and for marketing or briefing third parties, such as other employers and users, researchers, our business partners, suppliers, service providers and advisers. We may use it for benchmarking purposes. We may publish it, for example in public reports about our outcomes, to journalists, publishers and their readers.
WHERE YOUR PERSONAL DATA IS LOCATED
For details about where the app stores personal data, see the section about Cookies and local storage, above. The personal data that you view on the master device, and the limited personal data that the app keeps on the device, goes wherever the device goes. The app infrastructure is located in the European Union.
RETENTION PERIODS FOR THE PERSONAL DATA
We will keep your blood test results for 10 years to align with General Medical Council guidelines on the retention of health data. We keep all your other personal data information, including your exercise or activity data, until you use the tools provided in the app (or you exercise your rights) to erase the data (or your account).
If you require erasure of any of your personal data, for most items of personal data the erasure will be completed within 30 days. It may take up to 90 days for some items, like the data recorded by your slave device, and data stored in our backup systems.
If you delete your account, we will retain your email address (to identify you, if required), and a deletion request identifier, indefinitely.
We may retain your personal data for longer than the retention periods described above, where necessary for establishing, exercising or defending legal claims. In such cases, we may retain the personal data until all the periods allowed for bringing the claims have expired and all claims raised have been settled.
YOUR RIGHTS IN RESPECT OF YOUR PERSONAL DATA
You have the following rights under Data Protection Legislation:
Accessing personal data – You have the right to access personal data that we hold about you. You can access much of your personal data via the dashboard in the app, which sets out your health report, your daily exercise and activity statistics, your goals and badges. To the extent that any of your personal data is not accessible to you in the app, you can submit a request to us at any time, via email@example.com
Rectifying personal data – If you become aware of any inaccuracies in your personal data that we use about you, you have a right to get the personal data rectified. The account settings in the app let you change some of your personal personal data. If any of your personal data needs to be rectified but the app does not allow you to make the changes, you can submit a request to us at any time, via firstname.lastname@example.org . If you require rectification of factual data (e.g. blood test results, or data from a slave device) we may ask you for evidence to demonstrate that your personal data in the app does in fact require rectification.
Erasing personal data – You have the right to get your personal data erased from the app in certain circumstances. The account settings in the app let you erase some of your personal data. If you want to keep your user account but erase other personal data from it, you can submit a request to us at any time, via email@example.com The account settings in the app also allow you to erase your entire user account including the personal data contained in it.
Withdrawing your consent – If we rely on your consent for using your personal data, you can withdraw your consent at any time. You can update your consent decisions at any time, via the account settings in the app. Where our use of your personal data relies on consent and you withdraw your consent, we may still retain your personal data and use it for other purposes if we have legal bases. We may also still use anonymised data.
Objecting to our legitimate interests – You have the right to object to our use of your personal data to the extent that our legal basis is legitimate interests and no exception applies to permit us to keep using it, or we use it for scientific or historical research purposes or statistical purposes and no exception applies to permit us to keep using it.
Restricting our use of your personal data – You have the right to ask us to restrict our use of your personal data to the extent that (a) you have questioned the accuracy of the personal data and we are still checking its accuracy, (b) it is established that we did not have the lawful right to process the personal data, (c) we no longer need to use your personal data for the purposes we collected or used it for but you need it to be preserved for the purposes of legal claims, or (d) you have exercised your right to object to our use of your personal data and no exception applies to permit us to keep using it.
Data portability – Where we rely on your consent as our legal basis for using your personal data, you have the right to receive that data in a commonly used file format so that the data can be inputted into an alternative to the app. If it is technically possible, and if there is an alternative app, you have the right to ask us to transmit your personal data directly to the alternative app. It will be your responsibility to exercise your rights against the provider of the alternative app so that they provide suitable facilities for receiving the data transfer.
Automated decision-making – We use automated decision-making to decide what goals and badges to suggest to you, and to decide how to group you in app-generated reports (for example, to add you to the number of employees that is reported to your employer as having high blood pressure). You have the right to ask us to provide a copy of any of your personal data where we use it based on your consent, so that you can reuse the personal data for your own purposes on alternative apps or services.
You also have the right not to be subject to automated decision-making which significantly affects you, unless we are authorised by law to use the personal data for automated decision-making, or have your explicit consent. You can exercise these rights by submitting a request to us at any time, via firstname.lastname@example.org
CHANGES TO THIS NOTICE
We reserve the right to make changes to this notice from time to time. If this notice changes in any way, we will publish an updated version via the app.
If this notice is changed in a way that we think is material from your perspective, a notice will be posted on our website for 30 days, we will send you an email notification, and the changes will become effective after those 30 days.
We may also provide other notices to supplement this one, including additional ‘just in time’ notices, and notices that clarify our data protection and privacy practices or provide you with additional information or choices about how we use your personal data.
COMPLAINTS TO THE REGULATOR
If you have any concerns or a complaint about how we use your personal data, or any aspect of this notice, please contact us using the details in the next section, so that we have an opportunity to address the matter for you.
In addition, you have a right to complain to the Information Commissioners Office at https://ico.org.uk/make-a-complaint/
DETAILS ABOUT US AND OUR DATA PROTECTION OFFICER
CorLife Limited is a private company limited by shares and incorporated in the United Kingdom with company registration number 09976001. Currently its registered office address is at Hillier Hopkins, 51 Clarendon Road, Watford, England, WD171HP.
If you want to exercise any of your rights, or have questions, suggestions, or concerns about this notice or about our use of your personal data, please contact our Data Protection Officer at email@example.com
GLOSSARY OF TERMS USED IN THIS NOTICE
In this notice, certain terms have a special meaning. The terms and their meanings are set out below.
The “CorLife app” or “app” is our CorLife application, and infrastructure that we control and is available to the app via the connectivity services on your master device. Reference to any “other software” means any software apart from the app, including the operating systems and manufacturer software on your devices, applications for your slave devices, and other applications and all associated websites.
A “controller” is someone (such as us) who uses your personal data for their own purposes, and decides what the purposes are and the means by which your personal data is used. To use your personal data, a controller must have at least one legal basis, and must comply with your rights.
“Data Protection Legislation” is the EU General Data Protection Regulation (2016/679) and the UK Data Protection Act 2018
“Infrastructure” is the computer servers and facilities (including websites) that operate with your master device or slave device or with the app or other apps, via the connectivity services that are available on the relevant device. For some master devices and slave devices, the provider of the device copies your data from the device to the infrastructure so you can view it in your online account, and some providers also provide a method (the “API”) for us (relying on the relevant legal bases) to access your data from that infrastructure via the internet.
The “legal bases” (each a “legal basis”) that we rely on is stated above in this notice.
A “master device” is each device (such as a smartphone or tablet) that the app is installed on and that you use the app on, including infrastructure controlled by the providers of that device or other software on it.
A “slave device” is one (such as weighing scales, or a wearable) that you connect with the master device so that the app can collect data from it, including infrastructure controlled by the providers of that device or other software on it.
“Personal data” is defined in the Data Protection Legislation. It means information relating to a living person, where the person
is identified or identifiable. The information that you provide for the app, and that the app generates about you, are personal data.
“Anonymised data” is derived from personal data, but no longer identifies any living person, and so it is not personal data and is outside the scope of the Data Protection Legislation.
A “processor” is one of our service providers who we instruct to do something, for us, using your personal data.
The “Programme” is the service programme that we provide for your employer for a fixed period.
The “Programme Manager” and “Clinician” are members of our staff who, respectively, manage our services for your employer or advise on health and nutrition during the Programme.
“Special category data” is personal data that reveals a living individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership; genetic data samples; biometric identification data (such as fingerprints); and personal data about the health, sex life or sexual orientation of a living individual.
Reference to “use” of personal data (and similar terms, such as “using”) is synonymous with the term “processing”, which is defined in the Data Protection Legislation. The terms include the first collection of your personal data, its erasure, and storage, disclosure to others, transmission and other uses of it in the meantime.
“Your rights” are your rights under Data Protection Legislation, which are outlined above in this notice, and include your right to complain to the Information Commissioner’s Office.
References to “us”, “we” and “our” mean CorLife Limited. References to “you” and “your” mean you, the user of the app.