HEALTHILY ASSESSMENT TOOL PRIVACY POLICY
(last update: 13 December 2024)
We respect your privacy and are committed to protecting your personal data. This Privacy Policy and our Healthily Assessment Tool Terms and Conditions explain how we process your data when you use Healthily Services.
Who we are
Healthily Ltd, incorporated and registered in the UK with the company number 08727263 whose registered office is at 36 Egerton Road, Bournemouth, BA8 9AY, UK, represented by Jonathon Carr-Brown, provides Healthily Services (hereinafter collectively referred to as: ‘Healthily’, ‘we’ or ‘us’).
Your personal data is controlled by Healthily Ltd, the data controller of Healthily Services. Should you have any privacy-related questions, please contact us at privacy@healthily.ai.
How we use your data
When you use the Healthily assessment tool we protect your privacy by processing your data in a pseudonymised manner. We create a temporary profile with the help of session IDs that enable you to use the Assessment Tool. After you complete the assessment and close the Assessment Tool, we won’t be able to recognise you on your return as the previous session and temporary profile will expire. You will get a new temporary profile with each new session and we are not able to link these profiles. We will store your assessment data to perform medical safety checks of the Assessment Tool to comply with our obligation of the necessary standards of quality and safety.
We use your data to (1) perform the assessment when you use the Assessment Tool, (2) perform internal analytics, (3) develop the Assessment Tool (train the AI model), (4) perform market surveillance and medical safety of the Assessment Tool, (5) improve the Tool's safety and security, and (6) reply to any request we receive at our emails feedback@healthily.ai and privacy@healthily.ai (communications).
LEGAL BASIS
Contract performance. This covers data that are processed by us that you have requested by the initiation of the Healthily Services (UK GDPR 6(1)(b) and EU GDPR 6(1)(b)).
Consent. Where you have consented to our use of your personal data, including health data (UK GDPR 6(1)(a) and EU GDPR 6(1)(a)).
Legitimate interests. This covers data processed by us for the purposes that can be reasonably expected within the context of your use of the Assessment Tool to pursue our legitimate business interests (UK GDPR 6(1)(f) and EU GDPR 6(1)(f)), in order to improve our Healthily Services and your experience, to train our AI model and to enable us to offer a safe and secure service.
Public health: This covers data processed by us where processing is necessary to ensure high standards of quality and safety of the medical device, on the basis of UK MDR 2002 (UK GDPR 9(2)(i) and EU GDPR 9(2)(i)) for post market surveillance and development of the Assessment Tool.
Archiving, research and statistics: This covers processing where health data is processed by us for statistical purposes (UK GDPR Article 9(2)(j) and EU GDPR Article 9(2)(j)). Our legitimate interest in processing data for these purposes is to support progress in medical research and to improve pre-primary care, which is in the public interest and also in line with our business goals. Our goal is to relieve the burden on primary care by offering pre-primary care screening so that individuals, for example, don’t visit a doctor in case of a cold.
PROVIDING OUR HEALTHILY SERVICES
Legal basis: contract performance and consent for the processing of health data. Data collected: as stated in ‘The data we collect’ of this policy.
Assessment Tool. We use your data so that we can provide information personalised to your query. Based on your reported symptoms and health information provided, the chatbot will be able to calculate the most likely conditions and show you the Report.
When you use the Tool, the collected data is used only for that specific assessment (session), meaning that you will receive a new identifier each time you start an assessment with the Tool. This is done with the help of a temporary API token that expires after each session after one hour up to one day of inactivity, meaning that once you complete the assessment and close the Assessment Tool, we will not be able to recognise you on your return.
We have considered safeguards to reduce the impact where possible, which is why we are storing the Indirectly identifiable personal data and Health data in separate databases.
Recommended next step (the “Report”). Once you complete the assessment using the Assessment Tool, you will be shown the Report. Please note that once you leave (close) the Assessment tool, you won’t be able to access the Report or information you shared during the assessment at a later time. If you want to keep the information, please use your browser settings to download (print) the Report before you exit the Assessment tool.
Medically verified content (“medical library”). You can search the medical library and find medically reviewed health articles. Some articles include a ‘When to see a doctor’ feature, which helps you assess the need to visit a health professional.
Options if you have a referral (Make a new claim/start a claim and Update existing claim). When you click on these options you will be directed to our Partner services meaning that we won’t process any of your data and this service will be offered by our Partner.
Check Policy information and Manage your Account. When you click on these options you will be directed to our Partner services meaning that we won’t process any of your data and this service will be offered by our Partner.
FOR INTERNAL ANALYTICS
We check how you use our Healthily Services by processing Analytical Information (please see section “The data we collect” of this Policy). We use analytics identifiers and carry out troubleshooting, testing and research.
Activity Data. We analyse your activities on a pseudonymised basis to understand how you use and interact with our Healthily Services. For example, we look at whether you conduct/finish an assessment, view health articles, interact with the assessment report, the choices made in pre-assessment options (e.g., "Make a Claim," "Get Help with Your Symptoms"), and navigation activities (e.g., using the back button, continue button, or providing feedback). Legal basis: Legitimate business interests, to help us improve our Healthily Services for you. Data collected: Analytical information, Technical Information, as stated in ‘The data we collect’ section of this policy.
Health data. With the help of the analytics identifiers assigned to you, we can use the data you enter when talking to our chatbot for our internal analytics and research. We process pseudonymised data to carry out aggregate statistics on the inputs and outcomes of the assessment. With the help of such statistics, we are able to learn the prevalence by geography, age and sex. We present such aggregated statistics to our Partners, always on an irreversibly anonymised basis. Legal basis: Legitimate business interest, to help us improve our Assessment Tool and where processing is necessary for statistical purposes (UK GDPR Article 9(2)(j) and EU GDPR Article 9(2)(j)). Our legitimate interest in processing data for these purposes is to support progress in medical research in line with our business goals, which is also in the public interest to improve healthcare. Our goal is to relieve the burden on primary care by offering pre-primary care screening so that individuals, for example, don’t visit a doctor in case of a cold. Data collected: Analytical information, Technical Information, as stated in ‘The data we collect’ section of this policy.
FOR SAFETY AND SECURITY
To safeguard your privacy, we process your data with the help of identifiers attached to the temporary profile (user ID and consultation ID of your session); we store health data and indirectly identifiable personal data in separate databases. We do store technical logs of your activities. We collect the user’s IP address and hash it using a hashing function where feasible before it is written to our technical logs in hashed form. The hash function means that we cannot retrieve the original IP address. We use this hashed IP address only to provide the safety and security of our Healthily Services. In line with best practice, only authorised staff members can access personal data, and only when required for user safety or critical systems issues. Legal basis: legitimate interests to enable us to offer a safe and secure service. Data collected: As stated in the ‘Technical Information’ of this Policy in the ‘The data we collect’ section.
FOR DEVELOPMENT OF THE ASSESSMENT TOOL
We may use the data you share while performing the assessment with the Assessment Tool to train the AI models or improve our medical graph. Our AI models use pseudonymised training data to learn from and generate better responses (e.g. detect the user’s intent, or input symptoms), meaning that it is not possible to identify you or your data directly. To improve our medical graph and overall assessment process, our medical team will take into consideration the assessment data and perform updates as necessary (e.g. adding synonyms or updating red flags). Legal basis: legitimate business interests to help us improve the Assessment Tool for you, the additional condition for processing health data is where processing is necessary to ensure high standards of quality and safety of the medical device, on the basis of UK MDR 2002 (UK GDPR 9(2)(i) and EU GDPR 9(2)(i)). Data collected: Analytical information, Technical Information, as stated in ‘The data we collect’ section of this policy.
FOR POST MARKET SURVEILLANCE AND MEDICAL SAFETY
To guarantee high quality and safety standards of our medical device, the Assessment Tool, it is necessary to monitor its quality, performance and safety (“Post-Market-Surveillance”). We rely on various procedures to detect any potential malfunctions, incorrect assessments, or issues with availability or usability or to determine if any improvement, field safety or other corrective action is needed for our medical device to meet the highest quality and safety standards. We constantly review the quality of the assessment results.
We are tracking your interactions with our medical device to monitor its usability. We use pseudonymised or anonymised data to perform this task. Please see internal analytics for more information.
Legal basis: The processing is required to comply with our legal obligation to conduct post-market surveillance to ensure the necessary standards of quality and safety of our medical device under medical device regulations and as provided in the following legal texts (Article 9(2)(i) UK GDPR and EU GDPR). The basis of post-market surveillance obligations is Article 83 et seq. and Annex III of the EU Medical Devices Regulation (2017/745/EU). Data collected: Analytical information, Technical Information, as stated in ‘The data we collect’ section of this policy.
COMMUNICATION PURPOSES
EMAIL REQUESTS. We will use your email to respond to any queries you send to feedback@healthily.ai and/or privacy@healthily.ai.
Please do not share health data when sending emails to feedback@healthily.ai and privacy@healthily.ai as we do not respond to case-specific health issues.
Legal basis: contract performance. Data collected: email address.
The data we collect
INDIRECTLY IDENTIFIABLE PERSONAL DATA: age, gender, location (country, region - not specific enough to identify the street), time zone, service preferences, acquisition channel, identifiers (Profile ID, IP address, analytics IDs, conversation/consultation ID, device ID).
HEALTH DATA. Any type of health data you share when using our Healthily Services, such as health data collected through the Assessment Tool.
TECHNICAL INFORMATION. User agent (web browser type and version), device model, screen information, mobile service provider, location (country and city), time zone, IP address at the time of usage, Healthily unique identifiers (session ID, profile ID, conversation ID/consultation ID), records of events with Technical Information and your interaction with our Healthily Services. For example, logs on your usage of the Healthily Services, which include chat information and the articles you have viewed in the Health Library.
ANALYTICAL INFORMATION. Hashed IP address, hashed profile ID or guest profile ID, hashed conversation/consultation ID, analytics ID.
Information on how you use our Healthily Services:
General Activity (e.g. the screens you view, time spent, if you added data to your profile, whether you are in test groups, items on your home feed and interaction)
Sessions (e.g. when you started the session, duration)
Activity within Healthily Services (e.g. your data and activities, assessment outcomes and feedback, whether you sent an input that failed to be understood by our chatbot, clicks on articles, whether you opened a Report, articles you viewed, most frequent symptoms input, average duration of symptoms, range of symptom durations, and your interactions, logs on your usage of our Healthily Services).
Who has access to your data
We cannot provide all the services necessary for the successful operation of our Healthily Services by ourselves. We, therefore, share collected information with third-party providers for the purpose of offering the Healthily Services and improving them. The information we share will not identify you personally, and the providers will only use the data to offer their services to us.
For privacy-related requests, see the section “Your rights” of this Policy or send an email to privacy@healthily.ai.
Third party providers are data processors. This means they process your information on our behalf, in accordance with our instructions. We only allow your information to be used by them to offer Healthily Services to us. How third party providers use the information is controlled by the terms of their contract with us and any settings enabled by us through the user interface of their product.
AWS
The personal data that we collect from you is stored in the US on Cloud Servers of Amazon Web Services EMEA S.A.R.L. (“AWS”) with a business seat in Luxembourg.
We use AWS for storing purposes. AWS has multiple security certificates https://aws.amazon.com/security/. Your data will still be safe - we have entered into the AWS data processing addendum to make sure your personal information (IP address) is safe, namely:
a) that the AWS will use the data only to provide its storing Healthily Services
b) that it will not disclose data to any third-party
c) that AWS restricts its personnel from processing your data without authorisation
d) that we stay in control of correcting, blocking, deleting, retrieving your data
e) that AWS is responsible for implementing and maintaining the technical and organisational measures
f) that AWS is certified under ISO 27001 and agrees to maintain an information security program for the service that complies with the ISO 27001 standards or such other alternative standards as are substantially equivalent to ISO 27001 for the establishment, implementation, control, and improvement of the AWS Security Standards
g) that AWS may use subcontractors, but will restrict their access only for the purposes of offering AWS Healthily Services.
Google BigQuery
We can draw and analyse data using Google BigQuery, owned by Google Cloud EMEA Limited, a company incorporated under the laws of Ireland, with its offices at 70 Sir John Rogerson’s Quay, Dublin 2, Ireland. For more information, please see Google Service Specific Terms. We use Tableau Software by Salesforce UK Limited, registered in England and Wales with company number: 05094083, Floor 26 Salesforce Tower, 110 Bishopsgate, EC2N 4AY London, UK, for graphic visualisations of the data extracted from BigQuery. For more information, please see the Tableau Software Privacy Policy.
LAWFUL PURPOSES
Your data will be disclosed only when necessary for lawful purposes, our legal obligations and rights as stated herein, and will be limited to such purposes:
a) if required by law, for example to comply with a court order, subpoena, regulation, legal process or other governmental request
b) to exercise or protect the rights, property or personal safety of our company, our users or others
c) to enforce this privacy statement, including investigation of potential violations
d) upon fulfilling legal requirements of local legislation to supply certain services a third-party might legally request from us
e) to detect, prevent, or otherwise address fraud, security, or technical issues
f) if we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified of any change in ownership or uses of your data
g) to respond to claims that any content published within our Healthily Services or our Healthily Services violate any right of a third-party.
How long do we keep your data?
We follow generally accepted industry standards and internal procedures to protect the data submitted to us during transmission, storage, and processing.
We store your data,
if you have consented to the processing, at most until you revoke your consent;
if we need the data for the execution of a contract, at most for as long as the contractual relationship with you exists;
if we use the data based on a legitimate interest, at most for as long as your interest in deletion or anonymisation does not outweigh the data;
insofar as statutory storage obligations exist, until the end of the storage periods;
to comply with our legal obligation to conduct post-market surveillance to ensure the necessary standards of quality and safety of our medical device under medical device regulations.
We process your data until no longer necessary for the purposes specified in the section “How we use your data” and as described below:
Assessment Tool
When you use the Assessment Tool, we store your assessment for the duration of existing retention requirements of medical safety under applicable medical device regulations. The storage duration of your data for this purpose corresponds with our obligation to comply with the necessary standards of quality and safety.
Internal analytics
Activity data. We delete the logs we keep of the IP addresses you have used after approximately six months. Other activity data, including the actions you take, the choices made in pre-assessment options, and navigation activities will be kept until no longer necessary for the purposes specified in the section “How we use your data” but no longer than for the period of our obligation to comply with the necessary standards of quality and safety.
Health data. To improve our medical graph and overall assessment process, our medical team takes into consideration the assessment data, performs updates as necessary (e.g. adding synonyms or updating red flags) and analyses inputs in comparison with assessment outcomes. The storage duration of your data based on which we create the statistics corresponds to the period of our obligation to comply with the necessary standards of quality and safety. The statistics are performed and stored with the help of identifiers but shared with partners anonymously.
Development of the Assessment Tool
We store your assessment for the duration of existing retention requirements of medical safety under applicable medical device regulations. The storage duration of your data for this purpose corresponds with our obligation to comply with the necessary standards of quality and safety.
Post-market surveillance and medical safety
When you use the Assessment Tool, we store your assessment for the duration of existing retention requirements of medical safety under applicable medical device regulations. The storage duration of your data for this purpose corresponds with our obligation to comply with the necessary standards of quality and safety.
Communication
Any information you send to feedback@healthily.ai and/or privacy@healthily.ai will be deleted as soon as we respond to your enquiry, and/or the information is no longer needed or within 30 days after we receive a data deletion request.
We delete all personally identifiable data we have about you within 30 days of receiving your data deletion request.
When the data is no longer needed, we delete it using reasonable measures to protect the information from unauthorised access or use.
Your rights
You can exercise your rights by sending an email to privacy@healthily.ai. We may decline to process requests that are unreasonably repetitive, require disproportionate technical effort, jeopardise the privacy of others, are impractical, or if we are required to retain such information by law or for legitimate business purposes. In the event of a suspicious request made in bad faith or accompanying unlawful behaviour, we reserve the right to deny any request you make. We will not respond to any enquiry emails which we do not understand, where the request is not clearly specified, or pertains to health questions, as we do not offer case-specific advice.
As a data subject, you have the following rights:
to request information about the processing of your data, as well as to receive a copy of your personal data. Among other things, you may request information on the purposes of the processing, the categories of personal data processed, the recipients of the data (if a transfer is made), the duration of the storage or the criteria for determining the duration;
to receive personal data relating to you in a structured, common and machine-readable format or to transfer it to another person in charge;
to correct your data. If your personal data is incomplete, you have the right to complete the data, taking into account the purposes of the processing;
to have your data deleted or blocked;
to have the processing restricted;
to object to the processing of your data;
to revoke your consent to the processing of your data for the future; and
to complain to the responsible supervisory authority about unauthorised data processing.
RIGHT TO WITHDRAW YOUR CONSENT
You can withdraw your consent for the use of your health data by closing the Assessment Tool. Once you have done so, we won't use this data to perform the assessment with the Assessment Tool.
RIGHT TO OBJECT AND TO RESTRICTION OF PROCESSING
We limit the amount of data we collect and use pseudonymisation to protect your privacy. To exercise your right to object or restrict processing, please send us an email to privacy@healthily.ai.
You have the right to object when we process your data on a legitimate interests basis and when we process your health data for statistical purposes and to comply with a legal obligation (post market surveillance to ensure the necessary standards of quality and safety of our medical device under medical device regulations).
We process your data on a legitimate interests basis when performing analytics, to develop the Assessment Tool, and for safety and security. Although we store your assessment for the duration of existing retention requirements of medical safety under applicable medical device regulations, we are not able to accommodate such a request since we do not store information that could link back and personally identify you.
We process your health data for statistical purposes. In the event of such an objection, we will no longer process the personal data concerned for this purpose, unless the processing is necessary to fulfil a task in the public interest, or if the discontinuation of such a processing is likely to make it impossible or seriously impair the realisation of statistical purposes and the continuation of processing is necessary for the fulfilment of statistical purposes.
We process your health data to comply with legal obligations (post market surveillance). In the event of such an objection, we will no longer process the personal data concerned for this purpose unless the processing is required to comply with our legal obligation to conduct post-market surveillance to ensure the necessary standards of quality and safety of our medical device under medical device regulations.
RIGHT TO ACCESS, COPY, RECTIFICATION
You can access your data by using the download (print) option within your browser settings. Please note that once you close the Assessment Tool, you won’t be able to access your data anymore. If you think that the information you shared when performing the assessment with the Assessment Tool is not accurate, please start the assessment with the Assessment Tool again and change the data you would like to change.
RIGHT TO ERASURE
When you use the Assessment Tool, you should be aware that although we store your assessment for the duration of existing retention requirements of medical safety under applicable medical device regulations, we are not able to accommodate your request for the deletion of your data because we do not store any data that could link back to you and personally identify you. Also, we do not create a third-party profile when you do an assessment for someone else and are therefore not able to personally identify such a person nor enable the exercise of rights.
We will delete the personally identifiable data within 30 days of receiving your deletion request.
OPTING OUT
We make sure we do not collect more information than is needed to provide our Healthily Services and we strive to limit our Providers to do so as well. We have integrated protocols to allow us to process Health Data in a way that does not directly identify you. However, you are always free to opt out of data collection by not using our Healthily Services.
Storing, security and data transfers
We follow generally accepted industry standards and internal procedures to protect information submitted to us.
STORING
We store indirectly identifiable personal data and health data in separate databases. This means that whatever you enter or do when using our Healthily Services is not connected to the data that could personally identify you. We normally process your data with the help of session identifiers, namely profile ID, consultation/conversation ID and analytic identifiers, to avoid personal identification. In limited cases when required for user safety or critical systems issues, authorised personnel can access personal data along with Health Data. Your IP address is used to determine location, but it is normally masked (hashed) when stored on our backend.
EU and UK Territory. We delete logs we keep of the IP address within six months. We store your indirectly identifiable personal data for the duration of the provision of our Healthily Services or up to 30 days after your deletion request. This section shall not prevent any technical storage or access to information for the sole purpose of carrying out the transmission of a communication, or as strictly necessary for us to provide the Healthily Services you requested.
US Territory. We will retain collected information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by applicable legislation.
Storing might be different depending on which territory is collecting the information and the applicable legislation, but we always strive to store the information only if it is needed for the purposes of providing, improving or personalising our Healthily Services.
The personal data that we collect from you is stored in the US on Cloud Servers of Amazon Web Services EMEA S.A.R.L. (“AWS”) with a business seat in Luxembourg and on the Cloud Servers of Google Cloud EMEA Limited ("Google BigQuery"), a company incorporated under the laws of Ireland, with its offices at 70 Sir John Rogerson’s Quay, Dublin 2, Ireland.
AWS. AWS has multiple security certificates https://aws.amazon.com/security/. The data we collect from you may be transferred to, and stored at, a destination outside and inside of the European Economic Area (EEA), namely the AWS regions in the US and EU. It may also be processed by staff operating outside the EEA who work for us, or for one of our Providers. Your data will still be safe - we have entered into the AWS data processing addendum to make sure your personal information (IP address) is safe, namely:
a) that the AWS will use the data only to provide its storing Healthily Services
b) that it will not disclose data to any third-party
c) that AWS restricts its personnel from processing your data without authorisation
d) that we stay in control of correcting, blocking, deleting, retrieving your data
e) that AWS is responsible for implementing and maintaining the technical and organisational measures
f) that AWS is certified under ISO 27001 and agrees to maintain an information security program for the service that complies with the ISO 27001 standards or such other alternative standards as are substantially equivalent to ISO 27001 for the establishment, implementation, control, and improvement of the AWS Security Standards
g) that AWS may use subcontractors, but will restrict their access only for the purposes of offering AWS Healthily Services.
By using our Healthily Services, you agree to the transfer, storing and processing, as stated herein. We will take all the reasonably necessary steps to ensure that your data is treated securely and in accordance with this privacy policy. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk.
Google BigQuery. We can draw and analyse data using Google BigQuery. For more information, please see Google Service Specific Terms. We use Tableau Software for graphic visualisations of the data extracted from BigQuery. For more information, please see the Tableau Software Privacy Policy.
SECURITY
To guarantee your privacy, we securely encrypt, limit, and restrict access to your personal details.
We encrypt all your data at rest. We have restricted access to production environments and monitoring of your session. The information is encrypted and key protected, and we have integrated commercially reasonable efforts to make sure your information remains secure when processed by us. However, please be aware that no security measures are impenetrable. If you have any concerns about the security of our Healthily Services, please contact us at privacy@healthily.ai.
To ensure security of processing we engage third-party providers for penetration testing (security testing) - a controlled form of hacking in which a professional tester, working on behalf of an organisation, uses the same techniques as a criminal hacker to search for vulnerabilities in the company's networks or applications. During security testing, the third-party provider may have access to indirectly identifiable personal data. Security testing providers are contractually bound to take all necessary technical and organisational measures to protect data, and they are not allowed to transfer it to third-parties or use it for any other purpose besides security testing for us.
TRANSFERS
Data is being transferred to countries outside the United Kingdom and the European Economic Area. We only transfer personal data to third countries where the ICO and the EU Commission have confirmed an adequate level of protection or where we can ensure the careful handling of personal data by means of contractual agreements or other suitable guarantees, such as certifications or proven compliance with international security standards, which you can review on request.
General
Should you have any privacy-related questions, please contact us at privacy@healthily.ai. If we are not able to help, we will forward your enquiry to our External Data Protection Officer (DPO), ePrivacy GmbH, represented by Prof. Dr. Christoph Bauer, Große Bleichen 21, 20354 Hamburg. Should you have any concerns or complaints that our DPO is not able to resolve, you have the right to lodge a complaint with our supervisory authority Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit, Kurt-Schumacher-Allee 4, 20097 Hamburg. If you are a UK customer, you can lodge a complaint with the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Our EU Representative is ePrivacy Holding GmbH, Große Bleichen 21, 20354 Hamburg, Germany. For more information, click https://www.eprivacy.eu/en/legal.
We update this Privacy Policy to reflect changes in our data processing practices. We may not make an immediate update of the Privacy Policy unless material changes occur. We encourage you to periodically review this Privacy Policy for the latest information on our privacy practices. We will inform you about material changes to our data processing practices by posting the most recent version of this Privacy Policy on the home screen within the Healthily Assessment Tool.
Healthily Ltd,
Jonathon Carr-Brown,
Managing Director