“Company” or the terms “we” or “us” or similar terms refer to Antara Health Limited. “You” or “your” or similar terms refer to you as a user of our services.
Personal Data – In General
Personal data refers to any information about you that can be used to contact or identify you and information on your use or potential use of the Site, our Mobile App or our Services, including, but not limited to, a first and last name, a personal profile, an email address or other contact information and all user submissions (collectively, “Personal Data”).
Your privacy is important to us, and we are committed to carefully managing your Personal Data in connection with the Services that we provide. It is important for you to understand, however, that this policy does not apply to the practices of companies and/or websites or other third party services that we do not own or control, or to individuals that we do not employ or manage.
We are dedicated to maintaining the privacy and integrity of the health data you provide us.
The data that we receive as part of your participation in Antara Health that relates to (a) your past, present or future physical or mental health or condition, (b) the provision of healthcare to you, or (c) your past, present or future payment for the provision of healthcare, which is created, received, transmitted or maintained by Company (collectively, “Health Data”).
WHAT DATA DO WE COLLECT?
With your consent, we collect Personal Data and Health Data about you and your minor dependents.
Unless otherwise specified, the policies below apply to both you and your minor dependents.
We collect the Personal Data and Health Data you choose to provide us (e.g., through registrations, applications, use of the Services, your mobile phone, any devices that you use to collect health information (e.g. blood pressure cuffs, surveys, etc.). We also collect Personal Data from third parties when you authorize them to disclose such information to us. For example, you might authorize a clinical services provider to share information with us or use an app on your mobile phone to make steps, location, heart-rate or other data available to us. We also collect Personal Data in connection with your inquiries. Collection starts from the time that you initially access our Site or our Mobile App or use our Services. The data we gather in these ways enables us to administer your account, provide you with the Services, respond to your inquiries and send you communications regarding the Services and your access to and use of the same, obtain your feedback on our Site, our Mobile App and our Services, analyze user behavior and activity, personalize and improve our Services, conduct research activities, and contact you about the services that we offer.
We will ask if you want to share with us data about your exercise, diet, and other activities, or a medical device such as a blood pressure cuff or glucometer.
You can choose not to provide us with certain data, but that may result in our inability to provide you with our services.
PLEASE NOTE: Antara, its healthcare professionals and other authorized Antara personnel, will have access to your personal and health data, linking you to your diagnosis and/or reason for program participation.
In summary, we collect the following types of information:
- Identity Data includes first name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data includes email address and telephone numbers.
- Health Data includes health vitals, laboratory test results, medical history (including medications and medical conditions), diet, sleep or activity tracking and insurance information.
- Transaction Data includes details about physical and virtual appointments, chat and email messages, and payments to and from you.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
- Profile Data includes your username and password, your interests, preferences, feedback and survey responses.
- Usage Data includes information about how you use the application and our services
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
Anonymised Data: We may create anonymised data from information that you share with us, explicitly excluding identity and contact data, and use such de-identified data without restriction. When an applicable law requires that we use a particular method of anonymised data, we will comply with that law. Otherwise, we may use a method that is appropriate under the circumstances and would not reasonably identify you. We may use anonymised data in any way that is allowed by law. Some ways in which we might use such data include to understand, evaluate, or modify the Services; to use for our own business purposes; or to generate statistical information about the Services that we share with our customers and other third parties who are evaluating, analyzing, accrediting or researching Antara’s programs. We reserve the right to preserve and utilize a copy of your anonymised data in perpetuity, and in-accordance with the legal and industry standards of doing so.
Data Collected and Processed Automatically.
We receive and store certain types of data whenever you interact with the Site, the Mobile App and/or use the Services. We automatically receive and record data on our server logs from your browser, including your IP address, and the page you requested. In addition, we may use personal identifiers to recognize you when you arrive at the Site via an external link, such as a link appearing on a third party site or in an Antara-generated email presented to you (see also our “What About Tracking Technologies?” section below). We will also use your data to provide customer service and support.
Generally, the Services automatically collect usage data, such as the numbers and frequency of visitors to the Site and Mobile App and its components. We only use this data in an aggregated form (i.e., as a statistical measure), and not in a manner that would permit us to identify you personally. This type of aggregated data enables us to figure out how often users or customers use parts of the Site, Mobile App or Services so that we can make the Site, Mobile App and Services as appealing to as many users and customers as possible and improve our Services. We may provide this anonymised data, aggregate data to our partners and/or customers to identify how our users use our Site, Mobile App and/or Services. Again, we never disclose this data to a partner or customer in a manner that would identify you personally.
You may set your browser to refuse or disable these data collection methods, but doing so may change your experience with the Site, the Mobile App or the Services, diminish certain aspects of the Site’s or Mobile App’s functionality or render certain features of the Site, the Mobile App or the Services inoperable. For example, the Site may not recognize or respond to “do not track” technologies employed by your browser.
We use mathematical and statistical machine learning technologies to facilitate the delivery of our services and have technical and organizational measures in place to correct inaccuracies and minimize the risk of errors. These automated decisions are not used for any biased or discriminatory profiling.
App Chat and Email Communications.
We often receive a confirmation when you open an email or chat message from us if your device supports this type of program. We use this confirmation to help us make content more interesting and helpful. When you receive messages from us, you can opt out of receiving further messages by unsubscribing. However, by opting out of further communications after you enroll in the Services, you may limit program reminders and other valuable program content and components.
What About Tracking Technologies?
In addition to any data that you choose to submit to us via the Site, Mobile App or Services, we and our third party service providers may use a variety of technologies that automatically (or passively) store or collect certain information when you visit or interact with the Site, Mobile App or Services (“Usage Information”). This Usage Information may be stored or accessed using technologies that may be downloaded to your Device whenever you visit or interact with the Site, Mobile App or Services. To the extent we associate Usage Information with your Personal Data that we collect directly from you, we will treat it as Personal Data. Examples of Usage Information include: your IP address or other unique device identifier (e.g., a number that is automatically assigned to your Device used to access the Site which our computers use to identify your Device), your Device’s functionality (e.g., browser, operating system, mobile network information, etc.), the areas within the Site or Services that you visit and your activities there, your Device location, your Device characteristics and certain other data regarding your Device.
We may use various methods or technologies to store or collect your Usage Information, including your visits to or interactions with our Site, Mobile App and Services (“Tracking Technologies”). We may use these Tracking Technologies for a variety of purposes, including but not limited to uses deemed to be necessary or useful to assess the performance of our Site, Mobile App and Services (including as part of our analytic practices or otherwise to improve our Site, Mobile App and Services) or uses required to offer you enhanced functionality when accessing our Site, Mobile App and Services (including identifying you when you sign in to the Site or the Mobile App or keeping track of your specified preferences).
Tracking Technologies may include the following (and may include subsequent technologies and methods later developed which perform a similar function):
- Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with the Site, Mobile App and Services, such as the links that you click on. The code is temporarily downloaded onto your Device, is active only while you are connected to the Site or Mobile App, and is deactivated or deleted thereafter.
- Web Beacons. Small graphic images or other web programming code called “web beacons” (also known as “1×1 GIFs” or “clear GIFs”) may be included in pages and messages of our Site, Mobile App and Services. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a page or email can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including to count visitors to the Site, Mobile App and Services, to monitor how users navigate the Site, the Mobile App and Services, to count how many sent emails were actually opened or to count how many particular articles or links were actually viewed.
HOW DO WE USE YOUR DATA
We have set out below, in a table format, a description of all the ways we plan to use your Personal and Health Data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your Personal and Health Data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your Personal and Health Data where more than one ground has been set out in the table below.
WHO OWNS THE PERSONAL DATA YOU DISCLOSE TO COMPANY?
WHAT DATA DO WE SHARE?
Protecting your Personal and Health Data is an integral part of our business. We will not rent, sell or share your Personal or Health Data with other people or non-affiliated companies.
PLEASE NOTE: We will never disclose your Personal or Health Data to your employer without your express written consent.
- Affiliated Businesses We Do Not Control: In order to provide you with comprehensive health care and optimal user experience, we are affiliated and work closely with a variety of third-party health providers and other businesses, for example: laboratory test facilities, pharmacies. In certain situations, these businesses may sell products or services to you. In other situations, we may provide services or sell products jointly with affiliated businesses. You should be able to recognize when an affiliated business is associated with our service delivery and, throughout the course of service delivery, we will share your minimally necessary data that is related to the specific service delivery with that affiliated business. The Company only works with Affiliated Businesses with which Company has a contractual data processing or sharing agreement, or when the Affiliated Business’s data privacy practices correspond to that of Company’s.
- Agents: We employ other companies and people to perform tasks on our behalf and need to share your information with them to provide products and/or services to you. Without specific authorization and/or consent, we limit the rights of our agents to use Personal Information we share with them to that which is minimally necessary to assist us.
- Promotional Offers: We will never disclose your personal and sensitive personal data to other businesses for their marketing purposes, but we may send you offers that promote the products of other businesses. These offers will be intended to benefit you, your health, or your Antara experience. If you do not wish to receive these offers, you can unsubscribe from the messages or you can send an email with your request to firstname.lastname@example.org. We will process your request within a reasonable time, but you may receive additional offers as we process your request.
- Protection of Company and Others: We may release your Personal Information when we believe in good faith that such release is necessary to comply with applicable law; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of Company, our employees, our users, or others. This includes exchanging information with other companies and organizations for fraud protection, detection or suppression, and credit risk reduction. If necessary, we will make all legally required disclosures of any breach of the security, confidentiality, or integrity of your Personal Information, including, without limitation, breaches of your unencrypted, electronically stored “personal data” or “health data” (as defined by applicable laws). To the extent permitted by applicable laws, we will make such disclosures to you via email or conspicuous posting on your private profile on the Site or the Mobile App in the most expedient time possible and without unreasonable delay, insofar as consistent with (a) the legitimate needs of law enforcement, or (b) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
With Your Consent: Except as set forth above, you will be notified when your data may be shared with third parties, and will be able to control the sharing of this information.
IS MY PERSONAL AND HEALTH DATA SECURE?
We employ industry standard administrative, physical and technical measures designed to safeguard and protect the data under our control from unauthorized access, use and disclosure. In addition, when we collect, maintain, access, use or disclose your data, we will do so using systems and processes consistent with information privacy and security requirements under applicable laws.
Furthermore, your individual user account is protected by a password/pin and/or one-time-password linked to your contact information for your privacy and security. To ensure that there is no unauthorized access to your account and data, we suggest that you safeguard your password appropriately and limit access to your computer and browser by signing off after you have finished accessing your account.
We exercise great care to protect your data. However, we cannot ensure or warrant the security and confidentiality of any tools, software, or equipment that you use to transmit information to us. For example, we cannot ensure that your email or mobile phone is secure. In addition, although we take great care to protect your data, we cannot guarantee that criminals and others acting unlawfully will not succeed in efforts to undermine the security we do employ to protect your information. Unauthorized entry, access, or use; loss; hardware or software failure; and other factors, may compromise the security of your data at any time. This is especially true for any data that you transmit to us via email or text message since we have no way of protecting that data until it reaches us. Email and text messages and the communication lines they travel over do not have the security features that are built into our Site and Mobile App and may not be secure. In addition, by downloading the Mobile App from a digital distribution platform such as the Apple App Store or Google Play (a “Mobile App Provider”), the Mobile App Provider and its agents may be able to identify you as a user of our Services. If you have reason to believe that your data or your interactions with us are no longer secure, or if you have privacy or data security related questions, you may contact us at email@example.com.
HOW LONG WILL YOU USE MY PERSONAL DATA?
We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this data indefinitely without further notice to you.
WHAT LEGAL RIGHTS DO I HAVE?
You can always choose not to disclose information to us, even though it may be needed to take advantage of certain features of the Site, the Mobile App and the Services.
Under certain circumstances, you have rights under data protection laws in relation to your personal data.
- Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. This request shall be processed within 7 days free of charge.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. This request shall be processed within 14 days free of charge.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. This request shall be processed within 14 days free of charge.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms. This request shall be processed within 14 days free of charge.
- Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. Please note that we may charge a reasonable fee for this request.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
- Request restriction of processing of your personal data. This request shall be processed within 14 days. Please note that we may charge a reasonable fee or decline your request if it is manifestly unfounded or excessive. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
- If you want us to establish the data's accuracy.
- Where our use of the data is unlawful but you do not want us to erase it.
- Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
- You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
If you wish to exercise any of the rights set out above please contact us at firstname.lastname@example.org.
What we may need from you. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
QUESTIONS OR CONCERNS
If you have any questions, concerns or complaints regarding privacy on our Site or Mobile App or if you want to make a request to access or correct your Personal or Health Data, please contact our Privacy Officer by email: email@example.com