This Privacy Policy governs your use of the mobile software application "MySpA" ("Application") that is developed and owned by the Barts Health NHS Trust ("Barts").
The Application has been developed to help those living with Spondyloarthritis (SpA) to manage their exercise regime and track their disease progression in conjunction with their healthcare professionals.
Barts is the Data Controller. Information may be collected and stored by Barts' appointed agencies (the Data Processors).
What information does the Application obtain and how is it used?
User Provided Information
The Application and Website obtain the information you provide when you register with us (Personal Information) including your name, email address, password and Date of Birth which will be used for managing your account.
You may choose to use certain features of the Application that will allow you to input other information with respect to your health (Health Information), such as assessments about your disease progression, the medications you take, personalised exercise plans and appointments. You can also choose to have the Application send you reminders to perform activities such as record exercise completion or update assessments.
Health Information submitted through the Application is stored in an encrypted form which means it is not individually identifiable. Barts may use anonymised, aggregated Health Information to monitor usage of the Application and for statistical analysis.
You may use the Application to create a report of your Health Information and you may choose to share this with your healthcare professional, family and friends. While we take great care to keep your Personal Information and Health Information confidential and secure, when you share your Health Information with others, it is at your discretion and is solely your responsibility. You should exercise caution when disclosing Health Information in such ways, to ensure only the intended recipients have access to your Health Information and that they treat it confidentially.
Your Personal Information will not be combined with other information and will not be used for other purposes, except as explained in this policy.
We recommend that you password protect your mobile device upon start-up to protect your Personal Information.
We may use your Personal Information (1) to identify your account for purposes of providing you with customer services and to respond to your requests, (2) to provide you the specific services you select in the Application (including the requested reminders)
If you opted in to receiving further information from Barts when you registered, we may use your Personal Information to contact you from time to time to provide you with important information, required notices and marketing promotions.
Automatically Collected Information
The Application and Website may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile devices unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile internet browsers you use, and information about the way you use the Application. This data is used to monitor the technical functioning of the Application, statistically monitor usage of the Application, and this data is used to improve the overall quality of our users’ experiences.
Where is my data stored?
Barts store your data on 3rd party managed servers housed within the European Economic Area (“EEA”). Barts sometimes collaborates with third parties outside of the EEA. In accordance with European Law, we will not transfer your data outside of the European Economic Area (EEA) without ensuring an adequate level of protection is guaranteed and will only share your data in ways that are described in this Privacy Policy.
Does the Application collect precise real time location information of the device?
This Application does not collect precise information about the location of your mobile device or computer.
Do third parties see and/or have access to information obtained by the Application?
Barts will not sell or rent personally identifiable information to third parties. Aggregated, anonymized data is periodically transmitted to Barts’ appointed agencies to help us improve the Application and our service. We will share your information with Barts’ appointed agencies only in the ways that are described in this Privacy Policy. We may disclose User Provided and Automatically Collected Information as required by law, such as to comply with a subpoena, or similar legal process; when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request; with our trusted services providers who work on our behalf, do not have an independent use of the information we disclose to them, and have agreed to adhere to the rules set forth in this Privacy Policy.
If Barts is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Website (https://www.bartshealth.nhs.uk) of any change in ownership or uses of this information, as well as any choices you may have regarding this information.
What are my opt-out rights?
Please note that some or all of the User Provided Information may be required in order for the Application to function properly.
You cannot opt out of the Automatically Collected Information collected by the Application. If you do not wish to share this information, you must delete your account, exit and uninstall the Application. Uninstalling the Application also deletes any information stored on your device. You may use the standard uninstall processes as may be available via your mobile device's operating system or via the mobile application marketplace that you downloaded the Application from.
Data Retention Policy, Managing Your Information
We will retain User Provided data for as long as you use the Application and for a reasonable time thereafter. We will retain Automatically Collected information for up to 24 months and thereafter may store it in aggregate.
You can delete your account at any time by selecting "Delete Account" on the Profile section of the Application.
To delete your account from the Application, your device must be connected to the internet. Select the Settings icon at the top right of the Application screen then select "Delete Account". After you have confirmed you wish to delete your account this will permanently delete all data stored on your devices and on the Barts servers.
Children
We do not use the Application or Website to knowingly solicit data from or market to children under the age of 16. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at info@myspaapp.net. We will delete such information from our files within a reasonable time.
Security
We are concerned about safeguarding the confidentiality of your information. We provide physical, electronic, and procedural safeguards to protect information we process and maintain. For example, data is stored in an encrypted format and we limit access to this information to authorised employees and contractors who need to know that information in order to operate, develop or improve our Application. Please be aware that, although we endeavour to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
Changes
This Privacy Policy may be updated from time to time for any reason. We will notify you of any changes to our Privacy Policy by posting the new Privacy Policy here and informing you via email or text message. You are advised to consult this Privacy Policy regularly for any changes, as continued use is deemed acceptance of all changes.
Your Consent
By using the Application, you are consenting to our processing of your information as set forth in this Privacy Policy now and as amended by us. "Processing,” means using or touching information in any way, including, but not limited to, collecting, storing, deleting, using, combining and disclosing information, all of which activities will take place within the European Union (EU).
Contact us
If you have any questions regarding privacy while using the Application or Website, or have questions about our practices, please contact us via email at info@myspaapp.net.