mySkinHealth – Eczema Mobile App
The mySkinHealth-Eczema (“mobile app”) is operated by Fontus Health Ltd and we take your privacy very seriously. Fontus Health Ltd (“we” or “us”) are a ‘data controller’ for the purposes of the General Data Protection Regulation (GDPR).
This policy explains when and why we collect personal information about you, how this information is used, the conditions under which it may be disclosed to others and how it is kept secure.
This policy may change from time to time so please check this screen occasionally to ensure that you’re happy with any changes.
This privacy statement was last updated on 8 June 2021.
The following information is provided to comply with the requirements of the General Data Protection Regulation.
This privacy statement describes why and how we collect and use personal data and provides information about individuals’ rights. It applies to personal data provided to us, both by individuals themselves or by others. If you are providing information on behalf of someone else please ensure that consent to the processing of their personal data is obtained before submitting any information. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection.
How We Use Your Personal Information
The purpose for which personal information is processed may include any or all of the following:
- Verify identity where this is required
- Deliver services and meet legal responsibilities
- Communication by post, email, telephone or push notification
- Understand needs and how they may be met
- Maintain records
- Process financial transactions
- Prevent and detect crime, fraud or corruption
- Provide you with suggestions and advice on products, services and how to obtain the most from using our mobile app
- May also need to use data to defend or take legal actions related to the above
Lawful Basis for the Processing
To comply with our legal obligations under statute and other regulatory obligations related to the insolvency process. We also believe we have a legitimate interest in the information being supplied.
What Personal Information We Hold
The categories are: name, address, email address, telephone numbers, date of birth, gender, title, health/medical/disability history and information, GP/Hospital details, online identifiers, mobile device identification, recruitment tests and employment history.
Who We Share Our Data With
Personal data held by us may be transferred to:
Third party organisations that provide applications/functionality, data processing or IT services to us.
We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems. For example, providers of information technology, cloud based software as a service provider, identity management, website hosting and management, data analysis, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centres based in the UK, and personal data may be stored in any one of them.
Third party organisations that otherwise assist us in providing goods, services or information i.e Auditors and other professional advisers, Law enforcement or other government and regulatory agencies or to other third parties as required by, and in accordance with, applicable law or regulation.
Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law or regulation.
How Long We Retain Your Personal Information
We retain personal data for as long as is necessary to achieve the purpose listed above and for any other permissible related purpose. For example, we retain most records until the time limit for claims arising from the activities has expired or otherwise to comply with statutory or regulatory requirements regarding the retention of such records. Records will be retained for a minimum of 6 years.
Where We Store Your Personal Information
On occasion, the information you provide to us may be transferred to countries outside the European Economic Area (EEA). By way of example, this may happen where any of our servers or those of our third party service providers are from time to time located in a country outside of the EEA. These countries may not have similar data protection laws to the UK. Where possible, we will seek to work with service providers whose servers are located within the EEA.
If we transfer your information outside of the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy. These steps include imposing contractual obligations on the recipient of your personal information or ensuring that the recipients are subscribed to ‘international frameworks’ that aim to ensure adequate protection. Please contact us using the details at the end of this policy for more information about the protections that we put in place.
The GDPR provides the following rights for individuals:
- Right to inform
This privacy notice meets our requirement to inform you of our processing of your data.
- Access to personal data
You have a right of access to personal data held by us as a data controller. This right may be exercised by contacting us at Fontus Health Ltd, 60 Lichfield Street, Walsall WS4 2BX, Telephone: 0121 661 4615, Email: firstname.lastname@example.org. We will aim to respond to any requests for information promptly, and in any event within one month.
- Amendment of personal data
To update personal data submitted to us, you may email us at email@example.com or, where appropriate, contact us via the relevant website registration page or by amending the personal details held on relevant applications with which you registered.
- Rights that do not apply in these particular circumstances
Not all of the rights under the GDPR are available as one of the reasons we are holding your data is on the basis of it being a legal obligation and therefore the right to erasure, data portability and to object do not apply.
Right to Withdraw Consent
In some circumstances you may be entitled to withdraw your consent to the processing of your personal information (where processing your personal information was based on your consent). If you would like to exercise your rights please get in touch with us using the contact details below. Alternatively your data will be deleted upon uninstalling the mobile app.
Changes to Our Privacy Statement
We keep this privacy statement under regular review and will place any updates on our website. Paper copies of the privacy statement may also be obtained by writing to us at Fontus Health Ltd, 60 Lichfield Street, Walsall WS4 2BX.
This privacy statement was last updated on 8 June 2021.
Should you want to complain about our use of personal data, please contact us either at Fontus Health Ltd, 60 Lichfield Street, Walsall WS4 2BX, by Telephone: 0121 661 4615, or Email: firstname.lastname@example.org
You also have the right to lodge a complaint with the Information Commissioner’s Office (“ICO”) (the UK data protection regulator). For further information on your rights and how to complain to the ICO, please refer to the https://ico.org.uk/your-data-matters/raising-concerns/
Who Provided the Personal Data
The personal data we have used to contact you was provided by the company/individual (or persons acting on their behalf) on whose instructions we are acting or in relation to which our insolvency practitioner has been appointed. We also access information from the Registrar of Companies and other similar public-access data providers.
Links to Other Websites
Our mobile app may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website/mobile app. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Cookies Used by This Mobile App
Our Use of Marketing
We may collect and process your preferences to receive marketing information directly from us by push notification or within the mobile app.
If you place an order with us for a product or service, we may contact you with marketing information in the ways mentioned in the notices presented to you as part of that transaction, except where you indicate you prefer otherwise.
We may use a third party to provide us with re-marketing services from time to time. We will only share your information with our third-party partners for them to contact you directly with marketing information about their products and services where you have indicated.
Changes to This Policy
We may review this policy from time to time and any changes will be notified to you by posting an updated version on our website/mobile app. We recommend you regularly check for changes and review this policy. If you do not agree with any aspect of the updated policy you must immediately notify us and cease using our services.
Please direct any queries about this policy or about the way we process your personal information to the Data Controller using the post and email details below.
If you wish to write to us, please write to us at:
Data Controller, Fontus Health Ltd, 60 Lichfield Street, Walsall WS4 2BX.
Our email address for data protection queries is email@example.com
If you wish to update your preferences by email rather than contact us, login to your account.
If you would prefer to speak to us by phone, please call 0121 661 4615.