Sirik Ltd

PRIVACYPOLICY FOR PATIENTS

This PrivacyPolicy (“Policy”)sets out the basis on which the images collected from you via the ClinicalCam® App will be processed by your health practitioner.

For the purpose of the General Data Protection Regulation (“GDPR”) the Data Controller isthe health practitioner or organisation whose details are included on the consent form.

YOUR PERSONAL INFORMATION
Information your health practitionercollectsfrom you via ClinicalCam®

Your health practitionercollects and process some or all of the following types of information from you via ClinicalCam®:

  • Name and email address
  • Photographic images of you, relating to a medical condition
USES MADE OF YOURINFORMATION
Lawful basis for processing and purposes of processing

Your health practitionerobtains your consent for all uses of your personal data via the App, and this is recorded within the App.

Your health practitioner will only use your data within the App for the following purposes:

  • To take a temporary record of medical condition on the App
  • To send you service and administrative messages for example copies of privacy policy, pictures or consent forms as requested by you.
DISCLOSURE OF YOUR INFORMATION

The health practitioner or any other health service may transfer this data to any other entity,as notified to you by the health practitioner or health service, and such transfer would be covered by another Privacy Notice to be provided by the health practitioner or other health service.

You may write to your health practitioner to withdraw your consent to their use of your personal data within ClinicalCam® at any time and we will remove your personal data from the ClinicalCam® App.

Your health practitionermay pass your information to our third party service providers (including the administrators of the ClinicalCam® app), agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (e.g. to provide the app).

Your health practitionermay also disclose your personal data to third parties:

  • if theyare under a duty to disclose or share your personal data in order to comply with any legal obligation; or
  • to protect your vital interests.
STORING YOUR PERSONAL DATA
Security

We take appropriate measures to ensure that any personal data are kept secure, including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine professional need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where We are legally required to do so.

Keeping your personal data up to date

If your personal details change you may update them by contacting Us using the contact details below. If you have any questions about how We use data collected which relates to you, please contact Us by sending a request by email to the contact details below.

We will endeavour to update your personal data within a reasonable time of any new or updated personal data being provided to Us, in order to ensure that the personal data We hold about you is as accurate and up to date as possible.

How long we keep your personal data and how long we keep your personal data

All personal data will be held on the device on which you gave your consent for a maximum of 24 hours after the last image is taken. Thereafter if it is processed or transferred to any other device it will be held in accordance with the applicable Privacy Notice of the health practitioner or other health service identified in the consent form. It is the responsibility of the health practitioner or other health service to provide you with a Privacy Notice for any further use of your personal data that is not covered in this Policy.

YOUR RIGHTS

Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:

  • access to your personal data and to certain other supplementary information that this Policy is already designed to address
  • require Us to correct any mistakes in your information which We hold
  • require the erasure of personal data concerning you in certain situations
  • receive the personal data concerning you which you have provided to Us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
  • object at any time to processing of personal data concerning you for direct marketing
  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
  • object in certain other situations to our continued processing of your personal data
  • otherwise restrict our processing of your personal data in certain circumstances
  • claim compensation for damages caused by our breach of any data protection laws.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

  • email, call or write to Us
  • let Us have enough information to identify you (eg your name and NHS number)
  • let Us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
  • let Us know the information to which your request relates
HOW TO COMPLAIN

We hope that wecan resolve any query or concern you raise about our use of your information.

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.

CHANGES TO OUR PRIVACY POLICY

We reserve the right to modify this Policy at any time. Any changes We may make to our Policy in the future will be notified and made available to you using the Website. Your continued use of the services and the Website shall be deemed your acceptance of the varied privacy policy.

CONTACT

All questions, comments and requests regarding this PrivacyPolicy should be addressed toyour health practitioner.