AVATR PATIENT APP Privacy Notice

 

Who we are

 

Inavya Ventures Limited (“Inavya”) is a limited company registered in England and Wales (registered no. 9444238).  Our registered office is 64 Southwark Bridge Road, London SE1 0AS. Inavya is required by law to protect your personal data. Inavya has developed the AVATR APP and service.

 

This Notice explains how Inavya collects, uses and processes the data that you provide to us. By clicking ‘yes’ below, you agree to the terms of this Notice.

 

How we collect personal data about you

 

The personal data we collect is the personal data you provide to us directly through the AVATR APP or by email if email is used to set up your user account. 

 

What personal data will we process about you and for what purposes

 

 

Specifically, we will collect the following categories of personal information about you:

 

A. Data that you provide voluntarily when you create an AVATR account and when using the AVATR APP:

1. Registration and contact information when you create an AVATR Patient App account, which includes your name, address, photo, telephone number, email address, and language preferences. 

We use this information to:

·         Create your account so you can use the AVATR Patient APP in accordance with our Terms of Use.

·         Identify and authorize you when you sign-in to your AVATR account.

·         Communicate with you using your email address or phone number when responding to enquiries about the use of the AVATR APP or to collect your views on AVATR.

·         To address our legal, statutory and regulatory obligations to you or otherwise; for example to notify you of changes or updates to the AVATR APP.

·         Inform you of notifications delivered to your mobile phone from aVATR.

 

2.            Emergency contact information for a person or people you would like your doctor to contact in the event of an emergency.

 

3.            Data concerning your health including your weight; whether you are or have been a smoker or diabetic; whether you have any disabilities, allergies or relevant medical conditions; whether you take any prescribed drugs; your heart rate, blood pressure, oxygen saturation, no. of sleeping hours and blood glucose readings.

We use this information to:

·         Create personalized care plans and to set up care plan reminders for you.

·         Detect breaches of medical protocols classified into red and amber alerts in your health data.

·         Notify your doctor of any such red and amber alerts.

·         Carry out analysis and research to develop and improve our AVATR service.

 

4.                   Your location. This is in order to provide location services to deliver location-contextualized recommendations of point of interest as a part of your care plan. You may opt out of sharing your geo-location by changing your mobile phone settings.

 

5.                   Your feedback on the AVATR service in order that we may carry out analysis and research to develop and improve the AVATR APP.

 

B. Information that we collect automatically:

1. Log data and Usage information. Our servers automatically collect log data when you access the AVATR service and this is recorded in log files. 

This log data may include the IP address, the date and time of use, language preferences, and device information (type of hardware and the operating system your mobile phone is using). Usage information about how you use the AVATR service may track your activity on the APP so we will know which features you utilise and when. 

We use this aggregated information to:

·         Protect you and Inavya from fraud or any illegal act or act in breach of any relevant law or regulation.

·         Better understand and optimize the AVATR APP in order to provide you with an improved user experience.

Your sensitive personal data

 

Any data that we collect about your physical or mental health or condition is classed as “special category data” and we are required to treat this with even more protection and greater confidentiality.

 

The anonymisation of your personal data

 

When collecting personal data from you, other than for the purposes listed above, we

will anonymise this data and we shall only process and share your data

in anonymous form. The process of anonymisation means that we will irreversibly

remove all data that could lead to you being identified.

 

We shall use your personal data in anonymised form for the following purposes:

 

• To carry out analysis and research to further develop and test the AVATR APP algorithms.
• To share with doctors who may carry out analysis and research to build new medical protocols for the AVATR service.

 

 

Why we are allowed by law to process your personal data

 

Our processing of your personal data requires a legal basis. 

 

We will not process your personal data if we do not have a proper justification foreseen in the law for that purpose. Therefore, we will only process your personal data if: 

 

• We have obtained your prior consent.

• The processing is necessary to perform our obligations towards you.
• The processing is necessary to comply with our legal or regulatory obligations.
• The processing is necessary for our legitimate interests and does not unduly affect your interests or fundamental rights and freedoms. 

 

How we share your personal data

 

In terms of your personal data which has not been anonymised, this data can be accessed by, or transferred to the following categories of recipients, on a need to know basis to achieve such purposes:

 

• Our personnel.
• Our IT systems providers, cloud service providers and consultants.
• Your doctor participating in the AVATR service.

 

The above third parties are contractually obliged to protect the confidentiality and security of your personal data, in compliance with applicable law. 

 

Your personal data can also be accessed by or transferred to any national and/or international regulatory, enforcement, public body or court, where we are required to do so by applicable law or regulation or at their request.

 

Your personal data will remain in the EU or countries considered by the EU to have equivalent policies.

 

How long we will keep your personal data

 

We will only retain your personal data for as long as necessary to fulfil the purpose for which it was collected or to comply with legal or regulatory requirements.

 

How we protect your personal data

 

We protect your personal data against unauthorised access, unlawful use, accidental loss, corruption or destruction.

We use technical measures such as encryption and password protection to protect your data and the systems they are held in. We also use operational measures to protect the data, for example by limiting the number of people who have access to the databases in which your data is held.

We keep these security measures under review.

 

Your rights

 

In general, you have the following rights: 

 

• You can obtain an overview of your personal data which we have collected and processed and obtain a copy.
• You can require that we update or make any corrections to your personal data that we hold.
• You can require that we delete or destroy your personal data that we hold.
• You can require that we stop or limit the processing of your personal data.
• You can withdraw your consent to the processing of your personal data at any time. Your withdrawal will not affect the lawfulness of the processing carried out before you withdrew your consent.
• You can submit a complaint about how we process your personal data to XXX.  

 

Your rights to access, change or move your data are limited, as we need to manage your data in specific ways in order for the research we are conducting to be reliable and accurate. If you withdraw from this research, we will keep the data about you that we have already obtained. To safeguard your rights, we will use the minimum personally identifiable data possible. 

 

If you are not satisfied with our response or believe we are processing your personal data in a way that is not lawful you can complain to XXX.