Effective from 12/03/2020.
This privacy statement applies to the website, apps and services available from:
At www.hashealth.com we fully respect your privacy and we will not collect any personal information on this website without your consent. It is our priority to protect your data. This is why we have taken the time to describe our information handling practices in detail. Please take the time to review this document, if you find anything that is not clear, please feel free to contact us at firstname.lastname@example.org.
Personal Information we collect
Information you provide
We may collect personal information from you when you apply for one of the services which is offered by your healthcare professional, this may be via an online questionnaire, a video consultation, a follow up question, a telephone call, an email or other means. It is sometimes necessary for us to collect sensitive data (such as medical information) relating to you so that the medical team can make an clinical decision if the service (and treatment) is safe and suitable for you. We collect your email and mobile number so that our team can contact you if required.
Should you contact us by any electronic format, including Web Chat, www.hashealth.com application messages, phone, email or post or by any other method – we may hold the content, contact details and any additional information you provide to us on record for future reference and use by www.hashealth.com. If you give us your credit card details then we will process payments using Secure Sockets Layer (SSL) security but we will not keep a record of your card details on our servers.
Device and network information
When you use our apps or website we collect information about the app, browsers and devices that you use to access www.hashealth.com services. The information that we collect may include unique identifiers, browser type and settings, device type and settings, operating system and application version number. We also collect information about the interaction of you and your browsers and devices with our services, including IP address, crash reports, system activity, and the date, time and referrer URL of your request.
Use of Personal Information
We use your personal information (subject to your consent choices) as described below and to provide and support the services described in the HasHealth terms and conditions.
Provide you with our service
We use the information you provide as part of your online consultation so that the medical team can make an clinical decision if the service (treatment) is safe and suitable for you.
We may use the information you provide as input into our clinical decision support system to assist your clinician in their decision making process. It should be noted that the decision to determine if the service and associated treatment is safe and suitable for you is decided by the medical team.
Communicate with you
We may use email and SMS to communicate with you about notifications such as an upcoming appointment, this contact method is decided by your clinician or their staff.
When you contact us, we use this information to respond to you. This may be via web chats, application messages, telephone, email or post or by any other method.
If you consent to marketing, we use your information to keep you informed about our service (such as when we release new services or products). We only contact you with these offers a few times a year and you can always opt-out if you change your mind at any time.
Research and Development
To improve our service and help us make better decisions, we analyse personal data to find improvements and make clinicians aware of risks.
How long do we hold your data (Data Retention Policy)
We store data until it is no longer necessary to provide our services, comply with legislation / guidelines, or until your account is deleted.
Who has access to the information we collect?
We do not share your identifiable personal information with any third party except as necessary to operate services and to fulfil legal and regulatory obligations.
Patient care is team based and access to your information is crucial for your safety and continuity of care. The sharing of information within the HasHealth team is on a need-to-know basis, depending on the role the member of staff has in your care.
All our staff are bound by confidentiality clause in their contracts. Also, under Medical Council guidance, it is a condition of registration to abide by the guidance set out by the Medical Council, which includes a requirement to respect patient confidentiality.
Disclosure with your consent
Disclosure can be made with your explicit consent. This could be a request from an Insurance company, employer or legal proceedings request but any disclosure must be with, and limited to, the authority provided by you. If this is not forthcoming, no information will be provided.
Disclosure without your consent
Disclosure can be made without your consent in two instances:
- If the disclosure is required by law. For example, when ordered by a judge in a court of law, or by a tribunal or body established by an Act of the Oireachtas.
- If the disclosure is in the public interest. For example, where mandated by infectious disease regulations, or there is a threat of serious harm to yourself or others.
Third Party Services
We require a number of third parties to deliver our service. Without these, we cannot provide you with a service. These include all the companies and services listed:
|Name||Service||Data Controller/ Data Processor||Description||Privacy URL|
|Microsoft||Azure||Data Processor||Cloud based hosting and services||https://privacy.microsoft.com/en-us/privacystatement|
|Amazon||Amazon Web Services (AWS)||Data Processor||Cloud based hosting and services||https://aws.amazon.com/privacy/|
|Google Analytics||Data Processor||User analytics tracking||https://policies.google.com/privacy|
|Rapid7||Logentries||Data Processor||Log management and analytics||https://www.rapid7.com/privacy-policy|
|Fabric||Data Processor||App deployment and analytics||https://policies.google.com/privacy|
|New Relic||New Relic||Data Processor||Application and server analytics and reporting||https://newrelic.com/termsandconditions/privacy|
|AggSignal||AppSignal||Data Processor||Application and server analytics and reporting||https://appsignal.com/privacy-policy|
|Blueface||Blueface||Data Processor||Telephony services||https://www.blueface.com/privacy-policy/|
|SMSAPI||SMS||Data Processor||SMS delivery service||https://www.smsapi.com/en/privacy|
|G Suite||Data Processor||Productivity and collaborations tools||https://policies.google.com/privacy|
|Flowmailer||Data Processor||Email delivery service||https://flowmailer.com/en/resources/l/privacy-policy|
|Freshworks||Freshdesk||Data Processor||Help desk software provider||https://www.freshworks.com/privacy/|
|Vonage||Video||Data Processor||Cloud based service provider for video||https://www.vonage.com/legal/privacy-policy/|
|Stripe||Stripe||Data Controller and Processor||Online payment processing||https://stripe.com/ie/privacy|
|MaxMind||MaxMind||Data Processor||IP Geolocation and Online Fraud Prevention||https://www.maxmind.com/en/privacy_policy|
|Wistia||Wistia||Data Processor||Video hosting and analytics provider||https://wistia.com/privacy|
How is your Information Secured and Protected?
We have technologies and procedures in place to protect your personal information. However, emails you send us are not necessarily secure when they are transmitted to us and we can accept no liability for any loss or damage resulting from emails to www.hashealth.com .
For every third party service that we use, we have a Data Processing Agreement with that service provider and check that processing complies with the related legislation.
We may record telephone calls for training and verification purposes.
How to Access and Update your Information?
In line with the Data Protection Acts, you have the right of access to any personal information about you You also have the right to require us to correct any inaccuracies in the information we hold about you by sending us a written request (this must include a copy of identification such as a driver’s licence or passport, this is to make sure that your personal information is only updated by you).
Subject access requests must be made in writing and include a copy of identification (such as driver licence or passport, this is to make sure that your personal information is not given to the wrong person) and must be addressed to the Data Protection Officer (see below). All access requests will be processed within one month on receipt of the access request.
Account deactivation, deletion and erasure
Once your account is deleted you will not be able to use our service and if you change your mind you will have to re-register.
Deactivation of your account means you will not be able to use our service and if you change your mind, you will have to contact support at email@example.com to reactivate your account.
Changes to this Statement
We may occasionally update this Privacy Statement. We encourage you to periodically review this Statement to stay informed about how we are helping to protect the personal information we collect. Your continued use of this service constitutes your agreement to this Privacy Statement and any updates.
How to contact HasHealth with questions
The data controller responsible for your information is Webdoctor Ltd T/A Nua Solutions, which you can contact at firstname.lastname@example.org (subject “FAO DPO”) or by post at:
Data Protection Officer
Webdoctor Ltd T/A Nua Solutions
20 Knockmeenagh Road