PRIVACY AND COOKIE POLICY

This is our CURRENT policy and was Last Revised on the 16/08/2016. For further information on our policies please Contact Us.

PLEASE READ THIS PRIVACY POLICY CAREFULLY AND RETAIN A COPY FOR YOUR RECORDS. THIS POLICY FORMS PART OF PUSH DR’S TERMS AND CONDITIONS.

Push Dr Limited, registered in England and Wales with company number 08624572, (Push Doctor, we, us), respects the privacy of every person and is committed to protecting all of your personal data, including sensitive personal health information (Personal Data).

This policy (together with our Terms and Conditions of Use as set out here and as updated from time to time (Terms and Conditions)) applies to your use of:

  • the website at pushdoctor.co.uk (Website); and
  • the Push Dr mobile application software (App), available to download or stream to your mobile telephone or handheld device (Device),

together, the Platform, and any of the services accessible via the Platform (Services).

For the purpose of the Data Protection Act 1998, the data controller is Push Dr Limited of 1 Church Street, Stourbridge, West Midlands DY8 1LT.

The policy will serve as a summary of your privacy rights. The law (currently the Data Protection Act 1998) requires that your Personal Data be kept private unless there is a legal obligation or requirement for disclosure by us to authorised parties, in which case we will make such disclosure(s) as legally obliged. We must give you this notice about our privacy practices and follow the terms of this policy while it is in effect. Your use of the Platform and the Services indicates your acceptance of the terms of this policy.

INTRODUCTION

Push Doctor is a platform via which individuals in the UK (Customer, Customers, you, your, yourself) may connect in real time, via streaming video, chat, instant messaging and picture messaging, to participating doctors registered with the UK General Medical Council: www.gmc-uk.org, (the GMC) (known as Practitioners), and may purchase the Services.

INFORMATION YOU PROVIDE

In order to download or register the App, search for the App or any Service, make an in-App purchase, report a problem with the App or Website or use the Services, you may be asked to provide personal details such as your name, address, age, e-mail address and phone number, the Device's phone number, username, password and other registration information, financial and credit card information, personal description and/or photograph.

The first time you log in to the Platform you will be asked to create an online account (Account). To create an Account, you must provide Personal Data that will be shared with Practitioners and members of the Push Doctor team (from time to time, as required) who have been appropriately checked (including DBS checked) to ensure they meet the requirements to access such information (in accordance with UK law). After you create your Account you can use the same details to log in to the Platform and use the Services.

Push Doctor creates a record of the consultations, care/advice and Services you receive via the Platform. Some examples of the information collected or created through this process are electronic medical records that may be uploaded by you or created as a result of your use of the Services.

When you use Push Doctor to consult with Practitioners we will collect debit and/or credit card information, which is maintained by our billing processing partner in a secure vault (compliant with the payment card industry security standard) for use when you decide to utilise any Services.

INFORMATION THAT MAY BE COLLECTED

Each time you use the App or the Website we may automatically collect the following information:

  • technical information, including the type of device (mobile or tablet) you are using, the temporary or persistent unique device identifiers (UDIDs) placed by us or our service providers, the unique identifier assigned by Push Doctor to your Device, the I.P. address of your Device, your mobile operating system, the type of mobile internet browsers you use and data about the way you use our Platform (Device Information);
  • information about your visit, including the full uniform resource locators (URL) clickstream to, through and from the Website (including date and time); Services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs), consultation length(s), recurrence of visits and other interaction information, methods used to browse away from the page and any phone number used to call our customer service number (Website Information);
  • when you install or uninstall a Service containing a unique application number or when such a Service searches for automatic updates, that number and information about your installation, for example, the type of operating system, may be sent to us (Unique Application Numbers);
  • information stored on your Device, including contact information, login information, photos, videos or other digital content and check ins (Content Information);
  • details of your use of the Platform including, but not limited to, traffic data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise, and the resources that you access (Log Information); and
  • if you contact us, we may keep a record of that correspondence.

Location Information

We may also use GPS technology to determine your current location. Some of our location-enabled Services require your personal data for the feature to work. If you wish to use the particular feature, you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by turning off your GPS setting in your device.

Third Party Information

We are working closely with third parties (including, for example, local NHS practices and community services, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.

We may associate any category of information with any other category of information and will treat the combined information as Personal Data in accordance with this policy for as long as it is combined.

HOW WE USE YOUR DATA

We may disclose or otherwise make available Personal Data about you to service providers that assist the function of the Platform. These service providers may collect device-specific data, such as a UDID, when you use our Platform. This data will not be associated in any way with your Account or any Personal Data that identifies who you are; we use this UDID to improve our Platform.

Your email address and mobile number may be shared with third parties working with Push Doctor in the delivery and development of the Services and the Platform, to track usage, and these details may be used to advertise new Push Doctor services to you from time to time.

You should also know that we work with third party analytics companies to discover how we can improve, update and change the Platform. Such third parties may therefore gain access to your Personal Data (but not any medical records). If you do not consent to such use of Personal Data, please do not use the Platform and remove the Platform from your Device by uninstalling the App.

Push Doctor will use the email address and mobile number you provide when you register to send you a text message requesting that you validate your Account. Your email address, mobile telephone number and other contact information that you provide via your Account may also be used by Push Doctor to enable your use of the Services. Push Doctor will use your email address and mobile number as the joint primary means to reset your username and password.

We will use your Personal Data:

  • to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and Services that you request from us;
  • to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous transaction. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please Contact Us;
  • to notify you about changes to the Platform and/or Services;
  • to ensure that content from the Platform is presented in the most effective manner for you and your computer or Device;
  • to undertake planning, Service evolution, new product development, Service delivery, marketing, internal and external performance indicators and a range of other business intelligence functions.
  • to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to allow you to participate in interactive features of the Services;
  • to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
  • to make suggestions and recommendations to you and other users of the Platform about goods or services that may interest you or them.

We may disclose your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective buyer or seller.
  • If Push Dr or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request.
  • In order to:
    • enforce or apply the Terms and Conditions or to investigate potential breaches; or
    • protect the rights, property or safety of Push Dr, our customers or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

SENSITIVE PERSONAL DATA

In order to participate in the Services, you will need to provide health information about yourself to Push Doctor and the Practitioner(s) such as: your NHS or other medical records; measurements, such as weight, blood pressure or glucose levels; test results; health history, family history and other health information, such as medication information. This is classed as sensitive personal data under the Data Protection Act 1998.

If you grant us access we may be able to feed information from third party services when you use them, such as mobile health applications, Microsoft HealthVault or Google Health and any other data storage connection points to which you provide us access.

Information that Practitioners on the Platform record in your online notes (your Electronic Medical Records or EMRs) will include relevant and pertinent information that you have discussed with Practitioners on the Platform. Such EMRs may also include Practitioners’ comments, diagnoses and commentary as well as factual information, medical advice and the symptoms that you have presented with in a session. We will also collect and process demographic information about you (where available) such as your age, location, gender and income.  To protect your EMRs we print hard copies and place these in a secure vault environment at regular intervals throughout the year.

HOW INFORMATION ABOUT YOU MAY BE USED BY PUSH DOCTOR

Use and Disclosure of Sensitive Personal Data

Push Doctor may gather sensitive personal data, as described above, to share with Practitioners for the purposes of diagnosis, treatment and health care operations. Push Doctor may also use aggregated, anonymised data sets of unidentifiable, non-personal information for: (i) statistical analysis, improvement of the Services and customisation of UX-design and content layout or creation; or (ii) sharing with government agencies or regulators that oversee and monitor health care providers in both the public and private sectors.

Further, Push Doctor is permitted to use and disclose your sensitive personal data for purposes of: (a) treatment; and (b) to enable medical service provision, as follows:

Treatment:

Push Doctor may use or disclose your personal health information to facilitate treatment or the provision of medical services by a Practitioner. Push Doctor may share your sensitive personal data with doctors, technicians or Push Doctor employees, as required to fulfil its contractual obligations to you.  For example, departments may share your personal health information to plan your care. This may include prescriptions, lab work, other digitised / digital health information that you make available to us about you from time to time. Push Doctor will make all reasonable endeavours to procure that such persons securely store, transmit or destroy such data and comply in all respects with applicable data protection law from time to time.

Push Doctor may share your sensitive personal data with people not at Push Doctor including, but not limited to, referring practitioners, specialists, GP practices, hospitals, pharmacists, pharmacies and other healthcare providers who are treating you.   

Enabling Medical Service Provision:

Push Doctor may use and disclose your personal health information to help us in the operating and improvement of the Platform. For example, Push Doctor may use sensitive personal data to review the treatment and provision of Services by certain Practitioners. Push Doctor may also use sensitive personal data to measure the performance of its own staff and may share sensitive personal data with third parties who Push Doctor engages to provide various Services on the Platform or to Push Doctor itself, such as Practitioners and other healthcare workers, research agencies, clerical services providers, marketing agencies and data processing houses. If any such third party requires access to your sensitive personal data in order to perform the agreed services, Push Doctor will make all reasonable endeavours to procure that such third party complies with: (i) the terms of this policy; and (ii) applicable data protection law from time to time as well as seeking informed consent from you.   

Video Recordings for Training and Special Incidents

Push Doctor does not routinely record any of the video interactions on its Platform and would only do so to meet a serious training need, a review or other special incident and would never record any patient or doctor’s visual/video/audio interaction unless it was in the strictest conformity with the guidance and guidelines on Visual and Audio Recordings as published by the GMC, a version of which is available at: http://www.gmc-uk.org/guidance/ethical_guidance/making_audiovisual.asp

To Prevent Incidents and Protect You:

Push Doctor may use and disclose your Personal Data to the extent required to prevent a serious threat to your health and safety or that of others (including but not limited to instances of child abuse or neglect). In such circumstances Push Doctor will only disclose your Personal Data to public bodies or officials who can help prevent the identified or possible threat (as permitted by s.31 Data Protection Act 1998).

To Prevent Public Health Risks:

Push Doctor may share your Personal Data for public health activities, as required by departments or parties duly authorised by the UK Government. For example, we may share your Personal Data:

  • to report reactions to medicines or problems with products;
  • if a Practitioner believes that you may have been exposed to, or may be at risk of spreading, certain specified serious diseases or conditions.

Legal Disputes and Cases:

If you are involved in a legal dispute, Push Doctor may share your Personal Data in response to a court order, legal demand or other lawful process.

The Police

Push Doctor may share sensitive personal data if asked to do so by the police in certain limited circumstances, including reporting of certain types of wounds.

National Security

Push Doctor may share, if required, your Personal Data with UK Government officials for national security reasons (as permitted by s.28 Data Protection Act 1998).

COOKIES

A cookie is a small text file that may be placed on your computer or Device when you visit the Platform. When you next visit the Platform the cookie allows us to distinguish you from other users. There are two categories of cookies: (a) ‘persistent cookies’ that remain on your computer or Device until deleted manually or automatically; and (b) ‘session cookies’ which remain on your computer or Device until you close your browser, when they are automatically deleted.

The cookies Push Doctor uses:

  • Essential cookies are required for the operation of the Platform and without them the Platform can’t operate properly.
  • Performance cookies allow us to see and count the number of visitors to the Platform and what they do during their visit. We use the information from these cookies to improve the Platform’s performance. The data from these cookies doesn’t allow us to identify you.
  • Experience cookies allow the Platform to remember your choices, which means we can personalise your experience of the Platform. Data collection by experience cookies is used by our analytics systems (including third party systems) to monitor and enhance the Platform’s user-friendliness.
  • Marketing cookies track and record your visits to the Platform, including but not limited to the actual pages you visit and the links you have clicked or followed. We use this data to make the content of the Platform more relevant to/for you based on what we know about you. We do share information about your activity on the Platform that is stored by these cookies with our agents, agencies and other third party ad networks and this information can be used to advertise products to you on other sites. Any data we share is anonymous and cannot be used to identify you.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

You can REFUSE cookies, by activating settings of your chosen browser(s). If you alter your browser settings to refuse cookies your access to the Platform will be restricted.

SECURITY

The importance of security for all your Personal Data including, but not limited to, sensitive personal data is of great concern to us. At Push Doctor, we have gone to great lengths to manage the security and integrity of the Platform and to ensure that we use best–in-class services when providing secure transmission of information from your computer or Device.

Personal Data collected via the Platform is stored in secure environments that are not available or accessible to the public; only those duly authorised people, officers, employees or agents of Push Doctor who need access to your information in order to do their jobs are allowed access. Anyone who violates our privacy or security policies is subject to disciplinary action, including possible termination of their contract with Push Doctor and civil and/or criminal prosecution.

Push Doctor uses the latest technologies to ensure utmost security, including utilising several layers of firewall security and encryption of personal data to ensure the highest level of security.

Push Doctor is the sole owner of any data collected via the Platform.

Data Storage

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. These staff may be engaged in the fulfilment of your request for any Services, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

We may collect and store personal data on your Device using application data caches and browser web storage (including HTML 5) and other technology.

Certain features of the Platform link to social networking. Ensure when using these features that you do not submit any Personal Data that you do not want to be seen, collected or used by third parties.

Security when using the Platform:

When using the Platform, all your Personal Data, including but not limited to your debit or credit card number(s), are transmitted through the internet using Secure Socket Layers (SSL) technology. SSL technology causes your browser to encrypt your entered information before transmitting it to our secure server. SSL technology, an industry standard, is designed to prevent a third party from capturing and viewing your Personal Data. Push Doctor also takes the following measures to protect your Personal Data online:

Two-Step Process:

You are required to go through a two-step verification process to create and restore your Account. Online access to your Account is protected with a password that you create. We strongly recommend that you do not disclose your password to anyone. Push Doctor will never ask you for your password in any unsolicited communication (including unsolicited correspondence such as letters, phone calls, email or text messages). You will only ever be able to reset your password using a two-step process.

Information:

Since any information you provide to us on the Platform will be transmitted using a secure connection, if your web browser cannot support the required level of security you will not be able to use the Platform properly. The most recent versions of Google Chrome, Safari and Firefox can support a secure connection and can be downloaded for free from their respective websites. Should you choose to download and/or install any such package such actions are at your own risk.

No data transmission over the internet can be guaranteed to be 100% secure. While we strive to protect your Personal Data from unauthorised access, use or disclosure, Push Doctor cannot ensure or warrant the security of any information you transmit to us via the Platform.  Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Accessing Your Personal Information:

We believe that patients should have access to their medical information without charge where possible, to enable patients to take a more active role in their own health future. You can access your EMRs on Push Doctor any time by signing in to your Account and selecting the option to ‘Release Your Notes’. We do not charge for releasing notes.

For access to other Personal Data please see “Accessing Information Held By Us” below.

Right to Amend:

We do not allow ANYONE to AMEND EMRs created or held by Push Doctor. We only ever allow authorised contributors (that is, Practitioners and the Customer) to ‘add to’ records, making an update to the information without deletion of the original record. We believe this approach is for everyone’s benefit and best ensures the integrity of the information we hold. If you would like to update your medical information or EMRs please Contact Us and direct your query to a member of our Clerical Team.

Push Doctor may, in circumstances such as these, deny your request to update your record (this is a non-exhaustive list):

  • Your request has not been submitted in writing and does not include a valid reason.
  • Push Doctor did not create the record or original information, in which case you should contact the creator, author or originator of the records. (In the case the creator, author or originator of the record is no longer in legal operation or accessible we may be able to assist you: please clarify this in your request.)
  • Push Doctor does not hold the record and/or that information may not be updated at your request but requires another party’s authorisation.

OTHER PROVISIONS

Other Links

The Platform may contain links to let you to visit other websites or mobile applications easily. If you click on a link to a third party site or app, you will leave the Platform and go to the site or app you selected. Because Push Doctor cannot control the activities of third parties, we cannot accept responsibility for the content of any such sites or apps or for any use of your Personal Data by such third parties and we cannot guarantee that they will adhere to the same privacy practices as Push Doctor. If you visit a third party website that is linked to our site, you should read that site's privacy policy before providing any personal information.

Notices, Amendments and Updates:

Push Doctor may revise this policy to reflect any changes in its privacy practices. We reserve the right to make any revised policy effective for Personal Data we already have about you as well as any information we receive in the future. We will post a copy of the updated policy on our Platform prior to any change becoming effective. The effective date of this policy is displayed directly under the title of the document. If we make any material changes we will notify you by means of a notice on the Platform prior to the change becoming effective.

Social Media Sharing:

Our Platform includes some social media features, such as the Facebook button, and widgets, such as the ‘Share This’ button. These features may collect your IP address, which page you are visiting on our Platform and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Platform. Your interactions with these features are governed by the privacy policy of the company providing it.

Accessing Information Held By Us:

If you would like a copy of all of the Personal Data, we hold about you please Contact Us. We do charge for providing information because we have to gather, collate and process this data to make it available to you in its entirety: a fee of £10 must be paid prior to releasing data and details of how this should be paid will be provided in our response to your request. Alternatively, you may write to Push Doctor and enclose a cheque payable to Push Dr Limited in that correspondence. The Data Protection Act allows us up to 40 days (from the date instructions and payment have been received – please note payments must clear first) to retrieve, process and provide the information requested.

Complaints:

If you have any complaints, please Contact Us.

ACCEPTANCE

By using the Platform and/or the Services you acknowledge your acceptance of our privacy policy, as updated from time to time. If you do not agree with this policy you should not use the Platform or the Services. It is recommended that you read this privacy policy each time you consider or choose to use the Platform or the Services to ensure that you have not missed any changes to this Privacy Policy.

Your continued use of the Platform following any changes to the privacy policy (which will be notified to you as described above) signifies your acceptance of those changes.