My Clinical Outcomes
Twitter Facebook

PRIVACY POLICY

MY CLINICAL OUTCOMES LTD (trading as MyClinicalOutcomes) (“we” / “us” / “our”) is committed to protecting and respecting your privacy.

This privacy policy (together with our terms of use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. This privacy policy also sets out your rights in relation to the personal data which we hold about you.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of data protection law, including the UK Data Protection Act 1998 (DPA) and (from 25th May 2018) the EU General Data Protection Regulation (GDPR), MY CLINICAL OUTCOMES LTD is the data controller and is registered with the Information Commissioner’s Office with notification number Z3406743.

Personal information we may collect

We may collect and process any of the following information about you, some of which is “personal data” as defined in data protection law. Personal data is any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data):

Information you give us.

You may give us information about yourself by amongst other things filling in forms on our website at www.myclinicaloutcomes.com, or any other prefixed URL by which our services may be accessed (our “Site”). This includes information at the time of registering to use our Site or requesting further information from us. We may also ask you for information when you report a problem with our Site or our services. If you contact us, we may keep a record of that correspondence.

The information you give us may include: (a) your name; (b) your date of birth; (c) your gender; (d) your postal address; (e) your telephone number and email address; and (f) information about your medical condition(s) and treatment(s). Some of this information constitutes “sensitive personal data” as defined in data protection law (or “special categories of data” under the GDPR). By registering to use our Site and our services, you explicitly consent to our processing of your sensitive personal data or special categories of data as described in this privacy policy.

Please note that certain categories of information are mandatory in order to register with our Site and to use our services. We may collect and process further personal information if you update any information on your account.

Information we collect about you.

Each time you visit our Site we may collect technical information about your computer for system administration and to report aggregate information to third parties, including the internet protocol (IP) address used to connect your computer to the internet, browser type and version, browser plug-in types and versions, operating system and platform. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.

Cookies

Our Site uses cookies. By using our Site and agreeing to this privacy policy, you consent to our use of cookies in accordance with the terms of this privacy policy.

Use of cookies by MyClinicalOutcomes

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently.

The table below explains the cookies we use and why.

Cookie

Name

Purpose

Google Analytics

_utma
_utmb
_utmc
_utmz

These cookies are used to collect information about how visitors use our site, which we use to help improve it. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

Session cookie

ASP.NET_SessionId

This cookie is used during the sign up process, its essential to the workings of the site, no personal information is stored within this cookie.

Authentication cookie

.ASPXAUTH

This cookie is set when you log into our system, its essential to the working of the site, so we can help identify you once logged in

Cookie consent

CookieConsent

This cookie is set when you acknowledge how cookies are used on MyClinicalOutcomes

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.

To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.

YouTube cookies

We embed videos from our official YouTube channel using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode. To find out more please visit YouTube’s embedding videos information page.

Storage of your personal data

By submitting your personal data, you agree to our storing and processing it. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this privacy policy. All patient identifiable information we collect is automatically encrypted using an industry standard AES algorithm and is stored on or within servers which are secure and comply with ISO 27001. Safety features to protect information against unauthorised access in the event a portable device with access to the patient identifiable information is lost or stolen are in place and systems are capable of withstanding a determined and intelligent attempt to access the information without permission.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Uses made of the information

We only use your personal data in accordance with data protection law and where we have a lawful basis to do so, as set our below:

  • (On the lawful basis of our legitimate interests) to ensure that content from our Site is presented in the most effective manner for you and for your computer;
  • (On the lawful bases of our legitimate interests and your consent) to provide you with information or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes;
  • (On the lawful basis of contract) to provide you with services that you request and to carry out our obligations arising from any contracts entered into between you and us; and
  • (On the basis of our legitimate interests and contract) to notify you about changes to our services.

Where we rely on the lawful basis of legitimate interests (or those of a third party), we will first consider and ensure that those interests do not override your interests and fundamental rights.

Where we rely on your consent for processing any personal data, we will first ensure that you have been provided with the opportunity for such consent to be freely given, specific and informed and that you are aware of your right to withdraw consent at any time (noting that where consent is required for us to provide the information or services you request from us, if it is later withdrawn, we will be unable to provide such information or services).

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us (using the contact information set out below).

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Contact with you

If you are a registered user and have agreed to our patient terms and conditions, we will only contact you by electronic means (email or text) with information about services similar to those which were the subject of a previous agreement with you.

If you are not a registered user we will contact you by electronic means only if you have consented to this.

Disclosure of information about registered users

We will only disclose information about registered users to third parties: (a) who are named as doctors on the form used to collected registered users’ information; (b) who work within the hospital or clinic identified on the registration form; or (c) who are authorised by the named doctor(s) and/or hospital or clinic, provided that registered users have consented to their information being used in this way.

We will only disclose information about registered users to third parties who are named as doctors on the form used to collect registered users' information, or authorised by them, provided that registered users have consented to their information being used in this way.

Unless otherwise notified we do not disclose information about identifiable individuals to any other third parties, including but not limited to hospitals and pharmaceutical manufacturers, but we may provide them with aggregate information about our users (for example, we may inform them of the number of patients who had a particular type of operation at a particular hospital), only in such cases as there are no other contractual restrictions on our doing so.

We require all third parties to respect the security of your personal data and to treat it in accordance with data protection law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Disclosure of your information

We may disclose your personal information to third parties:

  • to provide you with services that you request and to carry out our obligations arising from any contracts entered into between you and us;
  • in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets in order to continue providing the service;
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or regulatory requirement, or in order to enforce or apply our terms of use or terms and conditions of supply and other agreements; or to protect the rights, property, or safety of our users, or others.

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.

We may use your personal data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have requested information or services from us and, in each case, you have not opted out of receiving that marketing.

Third-party marketing

We will get your express opt-in consent before we share your personal data with any third-party for marketing purposes.

You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us (using the contact information provided below) at any time.

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as part of your contract with us for the provision of our services.

Third party sites

Our Site may, from time to time, contain links to and from the websites of our partner networks and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Your rights

Under certain circumstances, you have rights under data protection law in relation to your personal data. You have the right to:

  • object to us processing, or ask us to restrict our processing of your personal data for any of the purposes listed in this policy, at any time by contacting us at info@myclinicaloutcomes.com.
  • ask us to update and correct any out-of-date or incorrect personal information that we hold about you free of charge.
  • access information held about you. Your right of access can be exercised in accordance with data protection law (see further information below on subject access requests).
  • ask us to erase your personal data (in certain circumstances).
  • Request a transfer of your personal data (in certain circumstances).

If you wish to exercise any of the above rights, please contact us (using the contact information below).

You also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the opportunity to first deal with any concerns you may have before you approach the ICO, so please contact us (using the contact information provided below), in the first instance.

Subject Access Requests

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to the data protection officer at info@myclinicaloutcomes.com

MY CLIINICAL OUTCOMES LTD. (Trading as MyClinicalOutcomes)
23 Skylines Village, Limeharbour, London, E14 9TS

Thank you for visiting our Site.

Last updated April 2018