Privacy Policy

Introduction

This is the privacy and cookies policy for https://www.demdx.com/ (our “Site”) and each of our mobile applications that we make available from time to time (“App(s)”). This policy, together with the End User Licence Agreement (“EULA”) form the basis of our contract with you. The Site is operated, and the Apps are provided, by DemDX Limited (we, us and our). We are a limited company, registered in England. Our registered office is at 7 Crane Grove, London, United Kingdom, N7 8LB.

For the purposes of the Data Protection Act 1998 and the General Data Protection Regulation (“GDPR”) (together “Data Protection Laws”), we are the data controller.

We are committed to protecting your privacy on-line. We appreciate that you do not want the personal information you provide to us distributed indiscriminately and here we explain how we collect information, what we do with it, our legal basis for processing and what controls you have, in accordance with the Data Protection Laws.

We may make our Services available to you by a third party (such as your university or your employer) (an “Institution”) or you may download our App directly from a third party app store on your mobile, tablet or other electronic device. Please check any third party privacy policies to confirm how they will treat your personal data. Where your means of access to the Site or an App impacts upon how we treat your information, we have highlighted this below.

By using the Site or any App, you agree to the collection and use of information in accordance with this privacy policy.

We reserve the right to change this privacy policy from time to time by changing it on the Site or by updating the relevant App. This privacy policy was last updated on 24th April 2018.

Information we may collect from you

We may collect and process the following information about you: information (such as your name, email address, geographical location, job title, hospital/medical institute and telephone number) that you or an Institution provide by completing forms on the Site or any App, including if you register as a user of the Site or any App, subscribe to any service, upload or submit any material via the Site or any App, request any information, or enter into any competition or promotion we may sponsor; if you purchase a subscription to an App, you must provide valid payment card information. This information is collected directly by our payment vendors in accordance with the EULA;

in connection with an account sign-in facility, your log-in and password details; communications you send to us, for example to report a problem or to submit queries, concerns or comments regarding the Site or any App or its content; content you upload onto the Site or App, e.g. your notes. This information is private and will not be made available for other users. You are not permitted to submit User Content that contains personal data and if you do so you will be wholly responsible for any breach of applicable Data Protection Laws. For more information on this restriction, please see the EULA; information from surveys that we may, from time to time, run on the Site or any App for research purposes, if you choose to respond to, or participate in, them.

You are under no obligation to provide any such information. However, if you should choose to withhold requested information, we may not be able to provide you with certain services.

Authentication of users via NHS Care Identity 

Please note that if you access our service using your NHS Care Identity credentials, the identity access and management services are managed by NHS Digital. NHS Digital is the controller for any personal information you provided to NHS Digital to get a national digital identity and authenticate your claim to that identity, and uses that personal information solely for that single purpose. For any personal information, our role is a “processor” only and we must act under the instructions provided by NHS Digital (as the “controller”) when verifying your identity. To see NHS Digital’s Privacy Notice and Terms and Conditions, please click [https://digital.nhs.uk/services/nhs-care-identity-service-2].  This restriction does not apply to the personal information you provide to us separately which is managed in accordance with our Privacy Policy.

Information we collect and/or process about third parties

We may, from time to time collect and/or process the following information, which you provide to us, about third parties:
where we run referral programmes or similar initiatives, such as a “Tell a Colleague” programme, in which we invite you to provide us with the contact details of someone who is known to you who may find our services to be of interest. We will only use those contact details for the purpose of the relevant initiative (and not for general marketing purposes); 
where you elect to send a summary page of App or Site content to someone you know, whether by email, social media or otherwise. We only process this information and do not collect email addresses when you send a summary page in this way.

By providing us with their details, you confirm that you have their permission to do so and must not provide us with the details of anyone from whom you do not have such permission. We reserve the right to identify you as the person who has made the referral in the message that is sent to them.

Automatic collection of information

When you visit the Site or access or use any App, we may automatically collect additional information about you, such as the type of internet browser or mobile device you use, any website from which you have come to the Site and your IP address (the unique address which identifies your computer or mobile device on the internet) and your operating system, which are automatically recognised by our web server. We may use this information to assess your interaction with the Site or App in order to allow us to make improvements.

Cookies

When you interact with the Site or any App, we try to make that experience simple and meaningful. When you visit our Site or access or use any App, we use user authentication tokens (Auth0) and Google Analytics to track all activity. Google Analytics use cookies to track your activity, which are small pieces of information issued to your computer or mobile device (as the case may be) when you visit the Site or App and which store and sometimes track information about your use of the Site or App. A number of cookies we use last only for the duration of your web or App session and expire when you close your browser or exit the App. Other cookies are used to remember you when you return to the Site or App and will last for longer.

We use Google Analytics to remember that you have visited us before; this means we can identify the number of unique visitors we receive. This allows us to make sure we have enough capacity for the number of users that we get; customise elements of the promotional layout and/or content of the pages of the Site or App; collect anonymous statistical information about how you use the Site or App (including how long you spend on the Site or App) and where you have come to the Site or App from, so that we can improve the Site and learn which parts of the Site and which functions of the App are most popular with users; and gather information about the pages on the Site that you visit or the functions of the App you use, so we can provide you with a better service”.

For more information about the way that Google Analytics uses cookies, please visit: http://analytics.google.com. Most web and mobile device browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can also learn more about cookies by visiting www.allaboutcookies.org which includes additional useful information on cookies and how to block cookies using different types of browser or mobile device. Please note, however, that by blocking or deleting cookies used on the Site or App, you may not be able to take full advantage of the Site or App (as the case may be).

Uses made of your information

We will use the information you provide to enable us to provide you with the services and information offered through the Site or App and which you request;
send you information about updates, events and to invite you to participate in product testing;
administer your account with us; audit the downloading of data from the Site or App; improve the layout and/or content of the pages of the Site or App and customise them for users; identify visitors to the Site or App; carry out research on our users’ demographics; and send you information we think you may find useful or which you have requested from us, relating to our products and services.

You can tell us not to contact you with information regarding our products and services or those of third parties or to share your details with third parties so that they can send you information regarding their products and services, either at the point such information is collected on the Site or Appl (by checking or un-checking (as directed) the relevant box) or, where you do not wish us to continue to use your information in this way, by following the unsubscribe instructions on any communications sent to you. You can also exercise the right at any time by contacting us using the Contacting us details at the end of this privacy policy.

Data Sharing

We may disclose aggregate statistics about visitors to the Site, survey respondents and users of the Apps in order to describe and provide services to prospective partners, research publications, Institutions, advertisers, sponsors and other reputable third parties and for other lawful purposes, but these statistics will include no personally identifiable information.

Where you access our Services via a third party and you have given consent for that third party to track your use of the Services as part of your access and use of the third party’s portal, we may share our tracking data with the third party in accordance with any agreement we have in place with them .

Disclosure of your information

Affiliates. We may disclose your personal information to any of our affiliates, or to our agents or contractors who assist us in providing the services we offer through the Site or any App, processing transactions, fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing support services or in other tasks, from time to time. Our agents and contractors will only use your information to the extent necessary to perform their functions.

Third party purchaser. In the event that we undergo re-organisation or are sold to a third party, you agree that any personal information we hold about you may be transferred to that re-organised entity or third party.

Legal purposes. We may disclose your personal information if required to do so by law or if we believe that such action is necessary to prevent fraud or cyber crime or to protect the Site or any App or the rights, property or personal safety of any person. Enforcing our rights. In the event that we are required to take action to enforce the terms of this Privacy Policy or the End User Licence Agreement.

Legal basis for processing

General. Except in relation to direct marketing and surveys, we process all personal data in order to perform the contract for services entered into with you under our End User Licence Agreement.

Marketing. We will only contact you (via email) where you have downloaded our App or otherwise signed up to use our Services. These communications will relate to the Services which you have signed up to use. You can stop these communications by contacting us here: info@demdx.com. You will only receive push notifications where you click “Allow” when first using the App, but these can be turned off by adjusting your settings Any ancillary processing required to conduct the marketing, such as profiling, is carried out for the interest of improving the user experience.

Surveys. We process your personal data in relation to survey responses which you have submitted as a legitimate interest of our business. Data volunteered within a survey response will be processed (and may be shared) in accordance with this Privacy Policy.

Location Information and Other Information from Devices

When signing up to use our Services you have the option to select your location using the location feature of your device or by entering your location manually.

We may use this information in order identify geographic trends.

We also use cookies to track the location of App users via Google Analytics. This use of cookies can be blocked as per the cookie section above.

Child safety

Protecting the safety of children when they use the Internet is very important to us. The Site and the App are only intended for use by individuals who are 18 years of age or older. Please see the EULA for more information. 
External links
The Site and Apps may, from time to time, contain links to external sites. We are not responsible for the privacy policies or the content of such sites.

Security

We place great importance on the security of all personally identifiable information associated with our users. We have security measures in place to attempt to protect against the loss, misuse and alteration of personal information under our control. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorised personnel have access to personal information. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it.
You should bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit via the Site or any App whilst it is in transit over the internet and any such submission is at your own risk.
It is advisable to close your browser when you have finished your user session to help ensure others do not access your personal information if you use a shared computer or a computer in a public place.

Storage of your information

This Privacy Policy is intended to cover collection of information of international users. Information that you submit via the Site or any App is sent to and stored on secure Amazon Web Services servers located in the European Economic Area (“EEA”) and will not be transferred outside the EEA without obtaining your consent.

When we delete your information

We may keep any content which you have uploaded via the Site or App which does not constitute personal data indefinitely under the perpetual licence described in the EULA.

If you no longer require our services then we will delete your information within 30 days from the date you close your account.

We will retain some limited information if it is required for auditing purposes which may include IP addresses and user login information but we will never retain any financial information.

Methods of communication

We may contact you for the purposes described in this Privacy Policy by email, Push notification or other communication methods depending on both the information and consents you provide to us.

Access to your information

The Data Protection Laws give you the right to access information held about you. Your right of access can be exercised in accordance with the Data Protection Laws by contacting us at info@demdx.com.

Right to request your information is deleted or updated

If we no longer have a legal basis to process your personal data or if the legal basis that we are relying on is consent and you subsequently withdraw your consent then we will stop processing your personal data.

To the extent that you no longer wish to be contacted by us we will need to maintain a record of that to ensure that we do not contact you again in the future.

You are responsible for ensuring that any third party request to be forgotten is applied to any third party personal data that you send to us, we will provide you with reasonable assistance in complying with your obligations as data controller under the applicable Data Protection Laws in relation to any third party requests to be forgotten.

If you believe any of your personal data that we process is inaccurate you are entitled to contact us to correct any inaccuracies at [info@demdx.com] and we will correct such inaccuracies.

Contacting us

Please submit any questions, concerns or comments you have about this privacy policy or any requests concerning your personal data by email to info@demdx.com