Sciensus Cancer Companion and SciensusPRO Privacy Notice
Introduction
The following Privacy Notice explains how we Sciensus Pharma Service Limited, (Sciensus) intend to use the information you have provided to us, and we have captured through our products and services, along with your rights, our reason for requesting it and who will have access to it.
This notice is regularly reviewed, and changes made from time to time. Any changes we make, we will notify you via a notification on the App or by email to the email address associated with your account.
By continuing to access or use our services after those changes become effective, you agree to be bound by the revised Privacy Notice. If there is a material change in the purpose of the data processing you have consented to we will re-obtain consent through acceptance of a revised Privacy Notice.
Sciensus do not make significant decisions based solely on automated processing unless that decision is required or authorised by law.
We are registered with the Information Commissioners Office and our registration number is ZA527482.
If you have any questions relating to this notice, please contact our Data Protection officer on
Telephone number: 0800 917 4980
Email Address: DPO@sciensus.com
Address: 107, Station Street, Burton Upon Trent, DE14 1SZ.
We will collect some identifiable information from the use of our Cookies. If you would like to read more about this, please see the cookies section with this notice.
Where we get your Information
Sciensus acts as a data controller for the information you provide or that is collected by Sciensus or its partners. We collect this information to operate effectively as a business and provide you, with tailored services and products.
From You – When you complete our forms, contact us, subscribe/register to our services, search our products, participate in surveys or competitions or submit a query to us. |
Healthcare provider/Care giver/Charity or patient – Where they have provided you with an access code to input when you download the Sciensus Cancer Companion Mobile app. |
Third parties – We may receive information about you from third parties where you decide to allow their wearable devices to connect with our service. |
Legal – Solicitors, Legal Representatives acting on your behalf or managing any claim. |
Regulators – Where you have approached them independently to act on your behalf |
Research and Survey companies – when we supply limited information e.g. name and contact details to carry out these activities on our behalf. |
Parent, Guardian or Responsible Person – assigned and recorded to act on behalf of a paediatric patient (infant, children and adolescents) or someone who lacks capacity |
How we use your information
We receive your information from many sources to deliver our services to you and we collect and process personal information about you from these sources.
We primarily use your personal information in the following ways:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Please see what personal information we collect on you, including the lawful grounds for us to process your information:
Type of Data | What is our lawful ground for processing? |
Personal data
· Name, email address and telephone number · Date of Birth · Gender · Demographic information · NHS number (healthcare provider) · Appointment reminders/schedules · Relationship to patient (carer support) · Job Title (carer support) · Location (carer support) · Device IP Address (geo-restrict certain content) |
Article 6 (A) Consent
The individual (you) has given clear consent for Sciensus to process their personal data for a specific purpose. Article 6 (F) Legitimate operational interest Non personal identifiable information to help Sciensus fulfil its operational and contract requirements. |
Health Information
· Details of cancer diagnosis/treatment course and cycles · Medication · Symptoms and side effects · Weight · Information about your physical wellbeing · Information relating to your nutritional wellbeing (Activity/hydration/nutrition etc) · Blood pressure/heart rate/Weight/sleep · Ethnicity |
Article 9 (A) Explicit Consent
The individual has given explicit consent for Sciensus to process their personal data for a specific purpose. |
Pseudonymised (personal information which has been replaced and can only be identified using a key) & Anonymised data (Non identifiable information) | Article 6 (F) Legitimate operational interest
Non personal identifiable information to help SPSL fulfil its operational and contract requirements. |
Who we will share your information with
We want to maintain your trust and protect your personal information, and when we share your personal information, we are doing so because it is essential to enable Sciensus to provide products and services to you.
In “Where we get your information from” section we have detailed the sources from which we may receive personal information about you, but we also share your personal information with the same sources, including partners and suppliers which work on behalf of us.
|
|
|
|
|
|
|
|
Anonymisation and aggregated information
We share information with our partners, oncologists, research institutions, pharmaceutical companies and other organisations in the medical sector. The information is fully anonymised and aggregated so it will not identify you. We will only share your personal information where you have provided explicit consent to do so.
We may also share with our commercial partners aggregated information that does not personally identify you, but which shows general trends, for example, the number of users of our service.
How we keep your information safe
Sciensus is committed to protecting the security of Personal Information by endeavouring to ensure appropriate technologies and processes are maintained to avoid unauthorised access or disclosure. We utilise, for all data storage and processing purposes, Amazon Web Services (“AWS”), Google’s G Suite and Google Cloud. Specifically, all our AWS storage containers and databases are located in London (UK) (with possible transit through US/EU storage containers). All Personal Information collected by Sciensus software products is encrypted to the highest possible degree both when it is stored in our databases and when it is being transmitted.
How long we keep your information for
We will keep your personal information in our database for as long as you wish to remain on our database in order to receive the benefits of our services. If you have exercised your rights to erasure, we will remove your personal information from our database within one month. If you do not exercise your right to erasure Sciensus will retain your data for a minimum of 30 years, after which personal information will be deleted, and non-personal data will be stored anonymously.
Engagement data, cookies and other data collection
When you begin to use our software or services, we monitor engagement and feature usage on our platform by recording every interaction you have with products you are registered on. This includes, but is not limited to, page visits, content viewed and logs made on our platform.
We also judge your location based on your IP address during registration and for opt-ins. In addition to IP address, our platform automatically collects data about your device, including the model, platform, locale code and UUID (universally unique identifier) every time you visit the Sciensus website or use our software. This information may also be collected in combination with an identifier associated with your device to enable us to recognise your mobile browser or device when you return to the site or our software.
Sciensus uses cookies (on our SciensusPRO web app, not currently used on the Sciensus Cancer Companion mobile app) and similar technologies to allow us to store your personal preferences and settings; optimise login processes; maintain a high level of security and to monitor and analyse performance of our online services. On our website, we may use traffic log cookies to track pages you view. The purpose of this is to analyse web page traffic in order to further optimise the journey users must undertake to access content that is relevant to them. You may adjust the settings on your browser to refuse cookies, however, this may lead to limited access to our online services.
In addition to cookies, we may log information about your device, including the existence of cookies, your IP address and information about your browser. The purpose of this information collection is to diagnose service issues and to administer and track your usage of our platforms.
Information about your visit may include the full Uniform Resource Locators (URL), clickstream to, through and from the site, and any phone number used to call our customer service number or social media handle used to connect with our customer service team.
Your Rights
You have a number of rights regarding how Sciensus use your data including the Right to: Access, Rectify, Erase, restrict, transport, and object to the processing of your personal information.
These rights will not all apply in every situation but to exercise them at any time, have a complaint or just have a question contact us on the following:
Information Governance & Security Team
Telephone number: 0800 917 4980
Email Address: DPO@sciensus.com
Address: 107, Station Street, Burton Upon Trent, DE14 1SZ.
Your right of access
You have the right to ask us for copies of your personal information we hold on you, whether in paper or electronic form. Each request will be dealt with on an individual basis.
Your right to rectification
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure
You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing
You have the right to ask us to restrict the processing of your information in certain circumstances, including automated processing and profiling and where automated processing operations are taking place for human intervention.
Your right to object to processing
You have the right to object to the processing of your personal data in certain circumstances.
Your right to data portability
You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances where it is technically feasible. This is not an absolute right and may not be possible on all occasions.
Your right to complain to the data protection regulator
You also have a right to lodge a complaint with the relevant data protection regulator if you believe your personal data is not being processed in accordance with applicable data protection law. To contact the Information Commissioners Office Click Here.
The Information Commissioners Office normally ask you to raise your concerns firstly with us, but it is important you know you can go directly to the Regulator in the first instance.