Rehab My Patient Privacy Notice

Effective Date: March 5th 2018

Our privacy notice explains how we collect, use, share and protect your personal information. If we update this notice, we’ll post any changes on our website.

Our privacy notice is separated into three sections. Considering that Rehab My Patient website (RMP) collects personal data in its capacity of Controller for two different types of data subjects we have created a separate section for each one, as follows:

Section I of this Privacy Notice is intended for the Subscribers of RMP.

Section II of this Privacy Notice is intended for the patients of the Subscribers for the cases where these patients log in RMP in order to submit notes and information to the Subscribers.

We have created Section III that applies for all users of our website and is intended for the users to get acquainted with their rights under the GDPR.

RMP information and contact details:

www.rehabmypatient.com is website operated and owned by Surrey Physio Group Ltd, 409-411 London Rd, Mitcham CR4 4BG

Email: support@rehabmypatient.com

Tel: 0044 (0) 207 193 6856

SECTION I

Information collected by Subscribers to RMP

Personal data that we collect from Subscribers

The personal data we collect from you differs depending on the different functionalities of the website you use.

  1. Registration form of the website
  • Email
  • Clinic/Practice Name
  • First Name
  • Last Name
  • IP Address
  1. Additional information for your profile (the providing of this information is optional)
  • Phone
  • Mobile
  • Fax
  • Address
  • City
  • Post code
  • Clinic logo
  1. Contact form of RMP
  • Name
  • Email
  1. Additional data collected by RMP

RMP collects the following data related to the activity of the subscriber:

  • Time of log in to the RMP system
  • Changes to the information entered in your profile
  • Information for the performed PayPal transactions with RMP, PayPal recurring transactions info (transaction id, time, amount)
  • RMP uses cookies in order to monitor your activity on the website. You are able to opt out from the Settings Menu.

Purposes for the collection and the processing of the data

  1. Registration form of the website
  • We collect your personal data upon registration to our website, in order to create you an account and to be able to provide you with our services.
  • We collect this set of data with the purpose to identify the user of our services.
  • The provision of this data is a contractual requirement, and is necessary to enter into a contract with RMP, in case of failure to provide such data you may not be able to use RMP’s services;
  1. Additional information for your profile (the providing of this information is optional)
  • We provide you the opportunity to develop your profile/account in our system as the provision of this data is completely voluntary. This data will be used solely to supplement the information in your profile.
  1. Contact form of RMP
  • We collect and process the data in this section in order to identify the person who sends us a message via the contact form of RMP.
  1. Additional data collected by RMP
  • We are tracking date, time and IP address when a Subscriber successfully logs in or fails to login. The purpose for that is to prevent suspicious logins and to have records so we can know if someone is performing unlawful attempts to threaten the security of your data.
  • We are tracking changes in your profile only for our internal statistic purposes.
  • We are collecting information related to PayPal transactions with RMP so we could have records of payments, so we can prolong user licenses and that we can refund a transaction if needed.
  • We collect information by using Cookies in order to improve performance of our website, and to get a better user experience.

Legal basis for the collection and the processing of the data

  1. Registration form of the website

We process this set of your personal data on the grounds of two legal bases as follows:

  • Your consent to process your personal data, when you have chosen to use our services, as this consent is expressed with your actions when entering your data in our system.
  • The processing is necessary for the performance of a contract (our licence agreement) to which you are a party.
  1. Additional information for your profile (the providing of this information is optional)
  • We process this set of your personal data on the grounds of your consent, when you have chosen to provide us with this data, as this consent is expressed with your actions when entering your data in our system.
  1. Contact form of RMP
  • We process this set of your personal data on the grounds of your consent, when you have chosen to contact us via our contact form, as this consent is expressed with your actions when entering your data in our system.
  1. Additional data collected by RMP
  • We process this set of your personal data on the grounds of our legitimate interest to use your personal data as client of our service in order to improve our service quality and to prevent attempts of fraud (as for instance of unauthorized access to your profile) or other crimes.
  • We process your personal data extracted with the help of cookies on the grounds of your consent.

With whom we share your personal data

  • We may share your data with State authorities upon their lawful request, however this would be an exceptional circumstance and highly unlikely to happen.
  • We may share your data with software companies that are responsible for the maintenance of RMP (Hosting companies, IT service providers etc.).

For how long will we store your personal data?

  • We will store your personal data for the length of your use of RMP and for six (6) years afterwards.

Please visit section three in order to get acquainted with your rights.

Third Party Cookies

Google Analytics

We use Google Analytics to collect anonymized data about visitors to this site. We use this data to improve visitor experience, and to help us make the site better and attract more visitors. Google Analytics records:

  • The website the visitor came from to get to this site.
  • The kind of computer they are using (Windows, Mac, etc. as well as information like screen resolution, web browser etc.)
  • The visitors general location (eg: London, United Kingdom)
  • Where the visitor clicked on the site and how long they stayed for.

In using Google Analytics, we are bound by Google Analytics Terms of Service

You can opt out of Google’s advertising tracking cookie or use a browser plugin to opt out of all Google Analytics tracking software.

Cloudflare

We use Cloudflare to help us optimize and protect the RMP site. Cloudflare may place a cookie in your browser to help it provide its services. You can read more about this here - Cloudflare Privacy & Security Policy

YouTube cookies

We embed videos from our official YouTube channel using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode.

Read more at YouTube’s embedding videos information page.

SECTION II

Information collected by Subscriber’s Patients when they access RMP

Personal data that we collect from Patients

The personal data we collect from you differs depending on the different functionalities of the website you use.

  1. Login form of the website
  • Access code provided by the Subscriber to the Patient
  1. Information related to your performance of the prescribed Exercise plan
  • Type of exercise that you have performed
  • Date and time of performance of the exercise
  • Pain level that you have suffered before, during or after the exercise plan
  • Additional notes provided by you for the performance of the exercise
  1. Additional data collected by RMP

RMP collects the following data related to your activity on our website:

  • Time of log into the RMP system
  • IP Address
  • RMP uses cookies in order to monitor your activity on the website.

Purposes for the collection and the processing of the data

  1. Login form of the website
  • We collect Access code provided by the Subscriber to the Patient, in order to verify your right to use our system and to be able to provide you with our services.
  1. Information related to your performance of the prescribed Exercise plan
  • We collect information related to your performance of the Exercise plans prescribed to you, only with the purpose to make this information available to the professional who has prescribed this Exercise plan to you via our system. You provide this data completely voluntary and with content on your discretion.
  1. Additional data collected by RMP
  • We are tracking date, time and IP address when Patient successfully logs in or fails to login. The purpose for that is to prevent suspicious logins and to have records so we can know if someone is performing unlawful attempts to threaten the security of your data.
  • We collect information by using Cookies in order to improve performance of our website, and to get better user experience.

Legal basis for the collection and the processing of the data

  1. Login form of the website
  • We process your access code on the grounds of your consent, when you have chosen to use our services, as this consent is expressed with your actions when entering your code, provided by our Subscriber, in our system.
  1. Information related to your performance of the prescribed Exercise plan
  • We process your personal data related to your performance of the prescribed Exercise plan, on the grounds of your explicit consent expressed in your affirmative action in our consent form and with your actions of entering your personal information in our system. You provide this personal data completely voluntary and with content on your discretion.
  1. Additional data collected by RMP
  • We process this set of your data on the grounds of our legitimate interest to use your personal data as client of our service in order to improve our service quality and to prevent attempts of fraud (as for instance of unauthorized access) or other crimes.
  • We process your personal data extracted with the help of cookies on the grounds of your consent.

With whom we share your personal data

  • We may share your data with State authorities upon their lawful request, however this would be an exceptional circumstance and highly unlikely to happen.
  • We may share your data with software companies that are responsible for the maintenance of RMP (Hosting companies, IT service providers etc.).

Third Party Cookies

Google Analytics

We use Google Analytics to collect anonymized data about visitors to this site. We use this data to improve visitor experience, and to help us make the site better and attract more visitors. Google Analytics records:

  • The website the visitor came from to get to this site.
  • The kind of computer they are using (Windows, Mac, etc. as well as information like screen resolution, web browser etc.)
  • The visitors general location (eg: London, United Kingdom)
  • Where the visitor clicked on the site and how long they stayed for.

In using Google Analytics, we are bound by Google Analytics Terms of Service

You can opt out of Google’s advertising tracking cookie or use a browser plugin to opt out of all Google Analytics tracking software.

Cloudflare

We use Cloudflare to help us optimize and protect the RMP site. Cloudflare may place a cookie in your browser to help it provide its services. You can read more about this here - Cloudflare Privacy & Security Policy

YouTube cookies

We embed videos from our official YouTube channel using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode.

Read more at YouTube’s embedding videos information page.



For how long we will store your personal data

  • We will store your personal data for the length of your use of RMP and for six (6) years afterwards.

SECTION III

Your rights under the GDPR

Please be advised that under the General Data Protection Regulation you are entitled to the following rights:

  • Right to access which is the right to obtain from RMP confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data as well as certain information as the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipient to whom the personal data have been or will be disclosed etc.
  • Right to rectification which is the right to obtain from RMP without undue delay the rectification of inaccurate personal data that concerns you.
  • Right to erasure which is the right to obtain from RMP the erasure of personal data that concerns you without undue delay and the RMP shall have the obligation to erase this personal data without undue delay where certain conditions under the GDPR are met. This right may be extended to the “right to be forgotten” which will apply if RMP have made some of your personal data public.
  • Right to restriction of processing which is the right to obtain from RMP restriction of processing where certain conditions are met.
  • Right to data portability which is the right to receive the personal data that concerns you, which you have provided to RMP, in a structured, commonly used and machine-readable format and have the right to transmit this data to another controller.
  • Right to objection which is the right to object, on grounds relating to your particular situation, at any time to processing of personal data that concerns you which is based on public interest or legitimate interests, including profiling based on those provisions.
  • You have the right to withdraw your consent for processing of your data where such was given without this to affect the lawfulness of processing based on consent before its withdrawal.
  • You have the right to lodge a complaint related to collection or the processing of your personal data with the relevant supervisory authority.
  • RMP does not use automated decision-making or profiling.



www.rehabmypatient.com

05/03/2018