PRIVACY POLICY | PROHAB
WHO WE ARE
Our website address is: http://prohabperformance.com.
INTRODUCTION
Prohab Ltd (“Prohab” or “We” or “Us”) is committed to protecting and respecting your privacy in line with current legislation. This privacy statement is relevant to anyone who is using the Prohab service. It tells you what personal data is collected and what we do with that personal data.
The Prohab service uses your Health data (a combination of Personal Data and Sensitive Personal Data) collected manually from you.
ABOUT PROHAB
Prohab Ltd (“Prohab” or “Us” or “We”) is a registered company in the United Kingdom (Company No. 05522835; Registered Office Address 21 Ludgate Hill, EC4M 7AE)
DEFINITIONS
In the provision of the Prohab service, both Personal Data and Sensitive Personal Data will be collected and used.
Personal Data means data which relates to a living individual who can be identified from the data or from the data and any other information which is in the possession of, or likely to come into the possession of, the data controller.
Sensitive Personal Data means personal data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation.
We will also refer to the Data Protection Officer (DPO) and the Data Controller.
According to the GDPR legislation which comes into effect in May 2018, Prohab will be required to appoint a DPO as we carry out large scale systematic monitoring of individuals and carry out large scale processing of special categories of data. The purpose of the DPO is to inform and advise Prohab and our employees about obligations to comply with GDPR and other data protection laws; to monitor compliance with GDPR and data protection laws; and to be the first point of contact for supervisory authorities and for individuals whose data is processed.
The Data Controller is a person who determines the purposes for which and the manner in which any personal data are or are to be processed.
The Data Processor means any person who processes the data on behalf of the Data Controller.
WHAT DATA WE USE
Data Category |
Purpose of Data |
Type of Data |
Personal Data |
We collect Personal Data at the point of contacting us via email, subscribing to any of our email lists, submitting a ‘contact’ form or purchasing the product/service. |
Name, Age, Phone Number, Address, Email |
Sensitive Personal Data |
We collect Sensitive Personal Data after you have purchased the product as part of fulfilling the product/service. |
Ethnicity; Physical/mental health information; Biometric information |
Cookies |
Cookies (small text files placed on your computer while using our site) may be used to assist with improving your site experience and to safeguard your privacy whilst browsing our site. For more information visit www.allaboutcookies.org |
Strictly necessary cookies; Performance cookies; Functionality cookies; Targeting/Advertising cookies |
Browser Event Data |
Browser event data is collected during your visit to our website. This information is collected and processed to provide insights into user behaviour in order for us to continually improve our service. |
Device IP address; Device screen resolution; Device type; Country location; Preferred language; Mouse events; Keypresses; Log data |
Web Beacons |
Webpages and HTML emails may also contain a small snippet of code called a web beacon. In their simplest form, web beacons allow a website to transfer or collect information through a graphic image request. Prohab may use web beacons as part of the site, but only for fraud detection. |
|
WHO WE SHARE YOUR DATA WITH AND WHY
The Prohab service is run by us with our third-party service providers to provide the overall service. These companies will, as necessary, process your data in order for us to fulfil the Prohab service you purchase.
The following parties are Data Controllers:
Prohab Ltd |
Provides the overall service; Coordinates with and provides policy to Third Party Suppliers to fulfill the service. |
The following Third Party Suppliers are Data Processors and this table reflects their requirements to fulfill our service and the data we share with them in order to do so:
Supplier |
Purpose |
What data we share |
LiveSmart |
Lifestyle and health assessment, Receive blood samples, process blood samples and return results back to User |
Full name, Email. |
Functional Dx |
Receive and process blood samples and return results back to Prohab. |
Full name, Gender, Date of Birth, Postcode, Phone number, Pathology Sample |
Cyrex LLC |
Receive and process blood samples and return results back to Prohab. |
Full name, Gender, Date of Birth, Postcode, Phone number, Pathology Sample |
Regenerus |
Receive and process blood, urine and stool samples and return results back to Prohab. |
Full name, Gender, Date of Birth, Postcode, Phone number, Pathology Sample |
Stripe Inc |
Full name, Address, Email, Phone Number, Credit card details |
|
Act as our card merchant and host your payment details for the purpose of any online transactions you make to us. |
||
Firstbeat |
Full Name, Email |
|
Act as our ‘First Beat’ supplier. They provide the kit and data collection tool to record stress and Heart Rate Variability. They then provide that report back to our clinical team |
||
Cliniko |
Act as our practice management software. Cliniko stores medical records, appointments, treatment notes, invoices, payments |
Full Name, Address, Email, Phone Number, medicals records, treatment notes |
iZettle |
Act as our card merchant and host your payment details for the purpose of in clinic payments |
Name, Credit card details |
HOW DO WE PROVIDE THE PROHAB SERVICE WITH OTHERS
This section explains the purposes to which we put your Personal Data and Sensitive Personal Data and explains the legal basis and legitimate interests we rely upon when we do so.
‘Legitimate Interests’ refers to our interests in conducting and managing our business. The particular interest which we are relying on in each case is explained in more detail below. When we use your data in our legitimate interests, we make sure to balance any potential impact on you and your rights under data protection laws. Our interests do not automatically override your interests.
We will never share the Personal Data or Sensitive Personal Data with any other parties except for the purposes of fulfilling our service and aggregated data or research, in which case all data we use would not be identifiable.
TO PROVIDE THE PROHAB SERVICE
What Data we use: Name, Email, Date of Birth, Address, Telephone Number, GP Information, Medical history, Medication information, Biometric Data, Dietary and exercise data.
How We will use Data: We will use your Personal Data and Sensitive Personal Data to provide the service, including to manage our relationship with you, to verify your identity and eligibility to use our service and/or to contact you to provide and administer our service. Without this information, we cannot provide the Prohab service.
Your data will not be shared with your employer.
TO IMPROVE THE PROHAB SERVICE
What Data we use: Name, Email, Date of Birth, Address, Telephone Number
How we will use Data: We may use contact you for your feedback or use your information to improve the Prohab service by creating pseudonymised reports and by contacting you to receive feedback. We can use your data in this way because we have a legitimate interest in improving and tailoring our service and keeping our customers happy.
TO CONDUCT RESEARCH AND AGGREGATED REPORTS
What Data we use: Pseudonymised Personal Data and Sensitive Personal Data
How We will use Data: We may use this data to conduct research on the efficacy of our products and to identify where we can improve our product, or to provide aggregated anonymised reports to analyse the usage, uptake and efficacy of the products and services.
TO DO WHAT WE ARE REQUIRED TO DO BY LAW
What Data we use: Name, Email, Date of Birth, Address, Telephone Number
How We will use Data: We may be required to retain or use your data if we have a legal duty or obligation to do so. This may be in the context of an employer and retaining certain employee data for a certain period of time, or it may be in the context of providing law enforcement agencies with data to aid with legal proceedings.
TO ASSIST YOU WHERE YOU MAY BE AT RISK
What Data we use: Name, Email, Address, Telephone Number, GP Information
How We will use Data: We may use your Data to assist where your health or life is in danger. We can use your data in this way because it protects your vital interests.
HOW LONG CAN WE KEEP YOUR PERSONAL DATA FOR
We may only keep your personal data for as long as it is required for one of the reasons detailed in the above section.
We have policies about how we keep/store your personal data. The periods differ depending on the period and the purpose for which we are using your personal data and the nature of the personal data.
How long we keep the data is determined by the period we need to keep it for in line with fulfilling the service and our legal obligations.
We typically retain personal data for approximately 7 years from the point we obtained the data however in some cases, such as legal requirements, we may be required to keep it longer.
When data is no longer required for its purpose, we ensure data is securely and irrevocably deleted from our system.
WHEN CAN YOU ASK US TO STOP USING YOUR DATA
We rely on consent and lawful basis for processing in order to fulfill the products and services we offer and also so we can contact you directly about the status of your product/service.
You can ask us to stop using your Data at any time, however in doing so we will be unable to continue providing the service.
In order to request that we stop using your data, you can send us an email at [email protected] stating that you wish for us to stop using your data immediately.
WHAT HAPPENS IF YOU DON’T GIVE US SOME OF YOUR DATA
It is entirely optional to provide consent for us to collect and process your data, however where you do not provide the Data we need in order to provide the requested Prohab service or to fulfill a legal requirement, we will not be able to fulfill the service requested.
HOW TO CONTACT US ABOUT THIS PRIVACY STATEMENT
You may contact us at any time via email or post to query anything that may have come up from reading this statement.
Address: Prohab Ltd, 21 Ludgate Hill, EC4M 7AE
Email: [email protected]
YOUR RIGHTS
We can be contacted at the addresses above for one or more of the following reasons:
- To ask Us to fix Personal Data about You that is wrong or incomplete, or delete Personal Data about You.
- To tell Us that You no longer consent to Us using Personal Data about You and to ask Us to stop. This would not invalidate Our use of the Personal Data prior to the withdrawal of consent.
- To tell Us to stop using Your Personal Data for direct marketing purposes.
- To ask Us to send You the Personal Data We have about You. This is sometimes called a “subject access request”.
On or after 25 May 2018, We can also be contacted at the address above for the following reasons:
- To ask Us to provide You with the Personal Data You have provided to Us. We will provide the Personal Data in a CSV formatted document so that another organisation’s software can understand that Personal Data. This is sometimes called a “data portability” right.
- To ask Us not to use Personal Data about You in a way that allows Our computer systems to make decisions about You.
- To request that We restrict use of Your Personal Data or to object to its use (including objecting to data used in Our “legitimate interests”).
Sometimes We will not be able to stop using Your Personal Data when You ask Us to (e.g. where We need to use it because the law requires Us to do so).
COMPLAINTS
You have the right to complain about how We treat Your Personal Data to the Information Commissioner’s Office (the “ICO”). The ICO can be contacted at:
- Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
- Telephone: 0303 123 1113 (local rate) or 01625 545 745
- Email: https://ico.org./global/contact-us/email/
CHANGES TO THIS PRIVACY STATEMENT
We may update this Privacy Statement from time to time. We will notify You of the changes where required by law to do so.
Last modified on 27/09/2019