1. WHO WE ARE
My Arkeo Ltd is a company registered in England and Wales (company number 11591732) with a registered office at 4a Petherton Road, London, United Kingdom, N5 2RD.
When you use our services, you’ll share some information with us. We want to be upfront about the information we collect, how we use it, who we share it with and the choices we give you to control, access and update your information. For the purposes of data protection legislation, we are the data controller of your personal data. We are registered with the Information Commissioners Office in the UK with reference number A8485743
We are committed to protecting and respecting your privacy. This notice sets out the basis on which any personal data we collect from you, or that you provide us, will be processed by us. Please read this privacy notice carefully.
Questions, comments and requests regarding this privacy notice are welcomed and should be addressed to Jana Dowling or emailed to us at: email@example.com.
2.1. We keep to a minimum the information we hold about you;
2.2. We use your data to provide our services to you, respond to your enquiries, manage our relationship with you, meet our legal obligations, and improve our mobile application;
2.3. We delete your data when it is no longer needed for these things;
2.4. Generally, we do not give your information to third parties, but there are some exceptions;
2.5. You have lots of privacy rights;
2.6. We take security seriously;
2.7. We are happy to answer your questions about any of this.
3. THE PERSONAL INFORMATION WE COLLECT
We ensure that your privacy is respected at all times and our primary goal is to improve upon and make sure our services and messaging are relevant for all our users, while also ensuring that personal information of all users is respected and protected.
This privacy notice applies to the personal data we collect about you through the Arkeo mobile application (the App), our website (www.myarkeo.com), by telephone, or when you otherwise communicate with us. To learn more about the way these third parties handle your personal data, please see their respective privacy policies.
When you download the App, you will be required to create an account in order to access our service. If you proceed to create an account, you will be required to provide certain personal information to us in accordance with this privacy notice, in particular:
Identity data: your first name and last name, title and gender.
Contact information: your email address and phone number.
Profile data: your username and password, and any interests communicated to us to enable the personalisation of services and any feedback.
Health data: including any medication you take and symptoms
Marketing and communications data: your preferences in receiving marketing from us and our third parties and your communication preferences.
Third-party integration: our website connects directly with third-party websites such as the NHS so that we can better understand the use of our website, and to show you relevant content, including ads.
Billing information: we require you to provide your billing details, a name, address, email address and financial information corresponding to your selected method of payment (e.g. a credit card number and expiration date or a bank account number). We use a third-party payment gateway to collect, store and process billing information. We do not store this information and all payment pages use TLS technology.
4. HOW WE USE YOUR PERSONAL INFORMATION
We must have a legal basis for processing your personal data. We consider that we have a legal basis where:
4.1. you have given us your consent to do so for specific purposes which we have told you about;
4.2. to fulfil our contractual responsibility to deliver the services to you through our App;
4.3. to pursue our legitimate interests of providing support and improving the services we offer and developing new service features;
4.4. to comply with a legal obligation; and/or
4.5. the law otherwise permits or requires it.
We have set out below a list of all the ways we may use your personal data and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate.
In some cases we may use more than one legal basis for processing your personal data; this will depend on the specific purpose for which we are using your personal data. Please contact us if you have any queries about the specific legal basis that we rely on for processing your personal data.
5. SHARING AND TRANSFERRING YOUR PERSONAL INFORMATION
We may share your personal information with the third parties listed in the table below for the reasons specified to enable us to provide our services.
Your personal information may be stored and processed in any country where we engage service providers, including outside the EEA. Whilst these counties will have data protection rules that differ from the EEA, we will take measures to ensure that any such transfers comply with applicable data protection laws and that your personal information remains protected to the standards described in this privacy notice.
We may also share anonymised information with third parties for learning purposes. This will not contain any personal information that is able to identify you as an individual.
If you would like further information about who we share your personal information with,please contact us at firstname.lastname@example.org.
6. RETAINING YOUR PERSONAL INFORMATION
We will keep your personal information for no longer than is necessary for the purposes for which it was obtained. The criteria for determining the duration for which we will retain your personal information is as follows:
6.1. We will retain your personal information in a form that permits identification only for as long as:
6.1.1. we maintain an ongoing relationship with you; or
6.1.2. your personal information is necessary in connection with the lawful purposes set out in this privacy notice for which we have a valid legal basis;
6.2. The duration of:
6.2.1. any applicable limitation period under applicable law (i.e. where we are required by law to keep your personal information); or
6.2.2. 24 months following inactivity of your account.
6.3. If any relevant legal claims are brought, we may continue to process your personal data for such additional periods as are necessary in connection with that claim.
During the periods specified in paragraphs 2(i) and 2(ii) above, we will restrict our processing of your personal information to the storage of, and maintaining the security of, that data, except to the extent that data needs to be reviewed in connection with any legal claim or obligation under applicable law.
After this period your personal information will be anonymised so that you are no longer identified or identifiable from such information, or securely deleted/destroyed.
We may retain personal information about you for statistical purposes. Where data is retained for statistical purposes it will always be anonymised, meaning that you will not be identifiable from that data.
7. KEEPING YOUR PERSONAL INFORMATION SECURE
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way.
We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
This section explains how we will ensure that you only receive communications that you wish to receive.
We can only use your personal information to send you marketing messages if we have either your consent or it is a ‘legitimate interest’. A ‘legitimate interest’ is when we have a business or commercial reason to use your information
The personal information we hold about you is made up of what you tell us and the data we collect about you when you use our services, or data provided to us from third parties we work with. We study this to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
By consenting to receive additional communications (by telephone, or email) from us and any named third parties that feature at the point of obtaining consent in respect of such information, we will process your personal data in accordance with this privacy notice.
If you have provided your consent to receive marketing communications from us and you change your mind, you can change your preferences and unsubscribe at any time by unsubscribing from the relevant communication channel or by contacting us at email@example.com. If you choose not to receive this information, we will be unable to keep you informed of new products, services and promotions that may interest you.
We may send you communications such as those which relate to any service updates (e.g. App updates or enhanced features) or provide customer satisfaction surveys. We consider that we can lawfully send these communications to you as we have a legitimate interest to do so, namely to effectively provide you with the best service we can and to grow our business.
8. CONTROL OVER YOUR PERSONAL INFORMATION
Under the General Data Protection Regulation, you have a number of important rights available to you for free. In summary, those include rights to:
8.1. be informed about how your personal information is being used (hopefully this privacy notice explains this in sufficient detail but if not, please contact us);
8.2. access the personal information we hold about you;
8.3. request that we port elements of your data to another service provider;
8.4. request us to correct any mistakes in your information which we hold;
8.5. request the erasure of personal information concerning you in certain situations;
8.6. receive the personal information concerning you which you have provided to us, in a structured format;
8.7. stop any direct marketing which you can do through your account or the unsubscribe links at the bottom of emails;
8.8. object to decisions being taken by automated means concerning you or significantly affect you.
For further information on each of these rights, including the circumstances in which they apply, see thehttps://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If you would like to exercise any of these rights, please:
8.9. email us at firstname.lastname@example.org;
8.10. let us have information to identify you;
8.11. let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
8.12. let us know the information to which your request relates.
9. HOW TO COMPLAIN
We hope that we can resolve any query or concern you raise about our use of your information. If you are not happy with how we manage your personal data, you have the right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/.
10. CHANGES TO THIS PRIVACY NOTICE
This privacy notice was published on 29 August 2019] and last updated on 29 August 2019.
11. HOW TO CONTACT US
Please contact us if you have any questions about this privacy notice or the information we hold about you.
If you wish to contact us please send an email to email@example.com.