SimplyMe privacy policy

 

Simplyhealth respects your privacy and is committed to protecting your personal data. This privacy policy explains in detail the way in which any personal data you share is used and kept safe whilst using the SimplyMe Mobile Application, powered by HeadUp (Supplier).
 

In addition to this Privacy Policy, we provide additional data and privacy information embedded in the SimplyMe  Mobile Application for certain features that ask to use or collect your Personal Information.
 

Simplyhealth’s Privacy Policy can be found here.

 

Collection and Use of Personal Information

You may be asked to provide your Personal Information anytime you are in contact with the SimplyMe Mobile Application. We may use your Personal Information in accordance with this Privacy Policy.  We may also combine it with other information to provide and improve our product and content. You are not required to provide the Personal Information that we have requested, but, if you choose not to do so, in many cases we will not be able to provide you with some elements of – or all of – our products and content or respond to any queries you may have.
 

We will only use and share your Personal Information when directed or requested by you, as necessary for us to operate our business and provide services to you, to comply with legal, regulatory or administrative requirements of governmental authorities, or as otherwise permitted or required by applicable law. We do not sell, disclose, or share your Personal Information with any Third Parties except as indicated in this Privacy Policy, or with your consent, or as required by law.

 

Sensitive Information

This refers to credit or debit card numbers, personal financial account information, or similar personal identifiers, racial or ethnic origin, physical or mental health condition or information, or other employment, financial or health information.

Personal information we collect

 

When You Use the SimplyMe Mobile Application

We use mobile analytics software to allow us to better understand the functionality of the SimplyMe Mobile Application on your mobile device. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. When you use the SimplyMe Mobile Application we may also collect your city location, device model and version, device identifier (or “UDID”), OS version, and your SimplyMe credentials and Member Account information.
 

We send push notifications from time to time in order to update you about events or promotions. If you no longer wish to receive such communications, you may turn them off at the device level.
 

We may link information we store within the analytics software to Personal Information you submit within the Mobile Application. We do this to improve the product and content offering we provide and to improve our marketing, analytics and Mobile Application functionality.

 

Personal Information collected about you

In order for us to provide you with our services, we collect both anonymous and Personal Information about you. Personal Information constitutes data that can be used to identify or contact a single person. You are under no obligation to provide any Personal Information at any time.

 

Your SimplyMe Member Account

The information added to your Member Account, either by your providing the information or when a Linked Service adds the information with your permission, is stored and managed on our Service Providers’ servers. This information is then used to provide you with analysis of your data and personalised insights and recommendations to facilitate greater understanding of your health. We provide the Member Account to our members for their own personal information needs, and to meet our related needs. For the purposes of your use of your Member Account, Personal Information includes, without being limited to, the following:
 

  • Your contact information, including your first name and last name, phone number, email address, and contact preferences
  • Information you provide about your health, fitness, mood, and related wellbeing activities 
  • Your gender, height, weight, age, and date of birth
  • Linked Service data, such as physical activity, sleep, and heart rate from an external wearable device you link to the SimplyMe Mobile Application
  • Demographic data, such as your county, suburb, and city
  • Additional information you may provide in the course of submitting queries to us or responding to Mobile Application surveys, questionnaires, or other product / market research surveys we may send you from time to time
  • Mobile Application tracking data, such as your device(s) identifiers and IP address
     
Linked Services

As a SimplyMe Member, you are able to connect one or more smart devices, third party data sources or activity trackers to your Member Account. These devices and data sources track, among other things, your steps activity, sleep patterns, heart rate, and other health or related data, as well as self-entered data, such as your height, weight, and age, and calculated or inferred data such as BMI. From this information, we are able to calculate an overall wellbeing / health score for provided data points and analyse your sleep, activity, heart rate and other health-related patterns to provide you with insights into trends and comparisons against benchmarks.
 

We will not link your device or third party data source data with the SimplyMe Mobile Application without your explicit and informed consent to do so. You may withdraw your consent at any time by contacting [email protected] and providing notice that you wish to withdraw your consent to this Privacy Policy or you may revoke permissions for the SimplyMe Mobile Application from within your device or data source settings.
 

Depending on the smart device or activity tracker or third party data source you connect, the data we may collect may vary. Typically, the activity tracking, smart device manufacturers or third party data sources have their own specific privacy policies available, which outline what data the device or software collects. We urge you to review the corresponding privacy policy for your device or third party data source to know what specific data points your device or third party data source collects about you.
 

You may be able to link your Member account to Social Media Sites (“SMS”) accounts such as your Facebook account when using SimplyMe Services. By linking your SMS account with your SimplyMe account, you permit us to access your information on that SMS. The information we collect from your SMS account may depend on your privacy settings with that SMS, which may enable you to control the information we collect via the SMS account by adjusting your privacy settings on that SMS. You can also de-link your SMS account from SimplyMe at any time.
 

How we use your personal information

We may process your Personal Information for the purposes described in this Privacy Policy, with your consent, for compliance with a legal obligation to which we are subject, or when we have assessed it is necessary for the purposes of the legitimate interests pursued by Simplyhealth or a third party to whom it may be necessary to disclose information.
 

For the purposes of your use of your Member Account, Personal Information includes the following:
 

Information you provide when you register an account with SimplyMe

We receive certain information from you when you create a SimplyMe account. To create an account, you provide your email address and policyholder number to authenticate and register information about your name and date of birth. You may optionally choose to provide information about your height, weight, and gender, as well as upload a photo of yourself for your profile.

 

Information you provide when you use the application

When you use the SimplyMe Mobile Application you can choose to share certain information related to your health, settings and preferences, and lifestyle, which comprise:
 

  • Your contact information, including your first name and last name, phone number, email address, and contact preferences. We use this to personalise your app experience and to send you communications.
  • Linked Service data, such as physical activity, sleep, and heart rate from an external wearable device you link to the SimplyMe Mobile Application (see Linked Services below). We use this data to provide you with your Dashboard ratings in the app.
  • Demographic data, including your country, suburb, and postal code. We use this data to provide relevant health-related insights based on your geographic location.
  • Biometric information: you can choose to share your height, weight, hip circumference, and waist circumference. We use this information to determine your BMI and body fat percentage.
  • Information about your nutrition habits. You can choose to share information relating to your nutrition habits, such as the types of food you typically eat and your snacking habits. We use this information to recommend ways of maintaining and / or improving your nutrition habits and behaviours.
  • Information about your physical activity. You can choose to share information about your exercise and physical activity, such as information about the type of exercise you do. We use this information to personalise insights based on the types of activities you typically perform.
  • Information about the questionnaires that you complete. You can choose to respond to various questionnaires in the application, such as questionnaires related to emotional wellbeing and work environment. The results of these tests are based on the information you provide. We use this information to allow you as a user to keep track of your test results and to personalise health insights based on your responses.
  • Information about your vital signs. You can choose to share information related to your vital signs, such as your blood pressure, cholesterol, personal and family medical history, and diabetes status. We use this information to allow you as a user to keep a record of your vital signs and record changes in these measurements over time, as well as to personalise health insights based on your responses.
  • Information about how you use the application. To improve the user experience of the application, we also collect tracking information on how you use the SimplyMe Mobile Application, such as your device(s) identifier and IP address.
  • Service information. Additional information you may provide in the course of submitting queries to SimplyMe or responding to SimplyMe Mobile Application surveys, questionnaires, or other product / market research surveys SimplyMe may send you from time to time. This data is used to fulfil service requests for you and for research and development purposes.
  • Daily mood: you can enter your mood and emotions in the app. We will use this information to provide a rating for your overall mood and send you Insights revealing correlations with other health markers you may choose to provide
     

We do not share Personal Information with unaffiliated Third Parties for their own marketing purposes.
 

From time to time, we may use your Personal Information to send important notices, such as changes to our Terms of Use and Privacy Policy. Because this information is important to your interaction with SimplyMe, you may not opt out of receiving these communications.
 

We also use Personal Information to help us improve, develop, and support our Mobile Application and to inform potential new SimplyMe product and service development and innovation, as well as for other internal purposes, such as research and data analysis.
 

We may use your personal information, including date of birth, to verify identity, assist with identification of users, and to meet legal requirements. For example, we may use date of birth to determine the age of SimplyMe Account Members.
 

We may also use your Personal Information to create Anonymous Data records by first de-identifying your Personal Information, which means removing any information that would allow the remaining data to be linked back to you. We may use Anonymous Data for internal purposes, such as analysing overall health and Mobile Application usage patterns and preferences to improve our product. Subject to applicable laws and regulations.
 

We may also combine Non-Personal Information (data which cannot be linked back to you) with Personal Information. In the event of combining this data, the combined information will be treated as Personal Information for as long as it remains combined.

 

Cookies and Other Technologies

SimplyMe’s Mobile Application, email messages, and Service Providers may use “cookies” and other technologies such as pixel tags and web beacons. These technologies help us improve our  understanding of Member Account behaviour and tell us which parts of our Mobile Application people have visited and functionality that has been used and personalise and customise content, so that your settings are ‘remembered’ when you log in (for example, knowing your name enables SimplyMe to personalise content to you). To the extent that Internet Protocol (IP) addresses or similar identifiers are considered Personal Information by local law, we treat these as Personal Information. As is true of most internet services, we also track some information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, language settings, browser type Internet service provider (ISP), referring and exit websites and applications, operating system, date/time stamp, and clickstream data.
 

If you wish to find out more about cookies and find out how to disable them, you can visit www.aboutcookies.org.uk/.
 

In some of our email messages, we use pixel tags to inform us whether an email has been opened or not. We may use this information to optimise or reduce future messages sent to customers.

 

Data Storage and Security of your Personal Information

We use a variety of security technologies and procedures to help protect your Personal Information from unauthorised access, use or disclosure and preserve the confidentiality, integrity and availability of your Personal Information. This includes the encryption of your Personal Information in transit via Transport Layer Security (TLS) and at rest, salting and hashing of all passwords, and a range of information security and data privacy policies and procedures within the organisation which all relevant staff and contractors must follow. To ensure your Personal Information is secure, we communicate our privacy and security guidelines to all employees and contractors and strictly enforce information security and privacy safeguards within the organisation.
 

We secure the Personal Information you provide on computer servers in a controlled, secure environment, protected from unauthorised access, use or disclosure. When your personal data is stored by Simplyhealth, we use secure third-party computer systems with limited access housed in facilities using physical security measures. Personal Information and data uploaded to the SimplyMe Mobile Application is stored in a secure data centre in the Netherlands operated by our third-party cloud hosting provider, Microsoft Azure (“Azure”).

 

Disclosure to Third Parties

We may make certain Personal Information available to Third Parties to enable us to provide you with the SimplyMe Mobile Application or to provide ongoing support or for research purposes. Where we need to share your Personal Information with a Third Party, the information we disclose will be limited to the minimum amount necessary to ensure the quality and provision of the services provided. We do not sell or rent your Personal Information to Third Parties.

 

Service Providers

We may share Personal Information with designated Third Parties that provide services such as managing Member data, providing customer service, conducting product, research or satisfaction surveys, and sending email to you. These companies are required to protect your Personal Information.

 

Government entities, Agents / Contractors, and Others

It may be necessary − by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence − for us to disclose your Personal Information. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.
 

We may also disclose information about you if we determine that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users. Additionally, in the event of a reorganisation, merger, or sale we may transfer any and all personal information we collect to the relevant third party.
 

In some instances,  we may disclose your Personal Information with agents or contractors that work on our behalf to assist us in providing and supporting the services offered. This may include analysing your data or helping us  to communicate important information to you.

 

Automated Decision-Making and Profiling

We does not take any decisions involving the use of algorithms or profiling that significantly affects you.

 

Retention of your Personal Information

We  retains your Personal Information only for the period necessary to fulfil those purposes set out in this Privacy Policy. When assessing the retention periods for any Personal Information we collect, we review our need to collect Personal Information at all and, subject to establishing a relevant need, only retain Personal Information for the shortest period possible to realise the purpose of collection, unless a longer retention period is required by law.

 

Access to, and deletion of, your Personal Information

For any Personal Information we hold, we will provide you upon request with access to your Personal Information in a standard format for any purpose, except where identified by local laws. SimplyMe  provides the ability for Members to access and correct data via the Mobile Application itself or via submitting a request to [email protected] the Mobile Application functionality is not available. You can also submit a deletion request to [email protected] to request the deletion of your data from our system, which will result in the permanent and irreversible de-identification of your Personal Information. We will  try to respond to all requests within one month.

 

Correction and updating of your Personal Information

You have the right to be able to update or correct any Personal Information we  hold. You can correct or update the information  we hold by modifying it directly within the SimplyMe Mobile Application. If you are unable to directly correct or update the information in the Mobile Application, you may contact [email protected] to request us  to update or correct the information for you. We will try to respond to all requests within one month.

 

Data breach notification:

In case of an actual or suspected personal data breach, we  will fulfil  our obligations to notify of data breaches without undue delay, including managing the end-to-end process from the recognition of a breach up to notifying you as a user.
 

Simplyhealth  has put in place appropriate procedures to deal with any personal data breach and will notify thesupervisory authority and / or data subjects where we are legally required to do so. In the event of a data breach, we  will notify the supervisory authority and the affected individuals without undue delay and within 72 hours of becoming aware of the situation.
 

If you know or suspect that your personal data may have been breached or otherwise compromised, or a personal data breach has occurred, please contact us at [email protected] to report it and obtain advice, and take all appropriate steps to preserve evidence relating to the breach.

 

Protecting Children

SimplyMe does not permit individuals under the age of 18 to create a Member Account or to use the SimplyMe  Mobile Application.
 

In the event that we learn of collecting the Personal Information of anyone under the age of 18, SimplyMe  will take steps to delete their information as soon as possible.

 

Addressing your Privacy Questions

If you have any questions, comments, complaints or suggestions regarding any aspect of your personal data or this privacy policy, please contact our Data Protection Officer [email protected] or by post at:
 

The Data Protection Officer

Simplyhealth

Hambleden House

Waterloo Court

Andover

Hampshire

SP10 1LQ.
 

You have a right to make a complaint at any time to your local privacy supervisory authority. Simplyhealth’s main establishment is in the UK, where the local supervisory authority is the Information Commissioner’s Office (ICO). You can also contact the Information Commissioner’s Office using their online form: https://ico.org.uk/global/contact-us/email/
 

www.ico.org.uk

or by post at:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF
 

However we would appreciate the chance to address your concerns before you approach the ICO, so please contact us in the first instance.