Health Shared Logo whiteHealth Shared Logo dark

Privacy Notice

Last updated: July 2024

Health-Shared

Axiom Medical Ltd ("we", "us", "our") is committed to the protection and security of your personal information. It is important that you read this notice so that you are aware of how and why we are using such information. This privacy notice describes how we collect and use personal information during and after your relationship with us, in accordance with data protection law. This notice will be updated regularly.

The Type of Personal Data We Process

We currently collect and use the following information:

  • Name
  • Location
  • Contact details
  • Account information (username)
  • Contributions to the Website
  • Technical data (IP address, browser type)
  • Usage data (how you use our Website)

We also collect special categories of information, such as:

  • Health information (if provided voluntarily)

How We Get Your Personal Data and Why We Have It

Most of the personal information we process is provided to us directly by you for the following reasons:

  • Creating and managing a Health-Shared account
  • Contributing to the Website
  • Contacting us for support or inquiries

We also receive personal information indirectly, from the following sources in the following scenarios:

  • Technical data from cookies and analytics services to improve our Website - We do not receive any information from third-party cookies unless otherwise noted.

We use the personal data we receive in order to:

  • Provide, operate, and maintain our Website
  • Improve and personalize your experience
  • Process transactions and manage your account
  • Communicate with you, including for customer support
  • Monitor and analyze usage to improve our Website

Compliance with Third-Party Services

Third-Party Processors: We only engage with third-party service providers who are GDPR compliant and align with our privacy policy. We conduct regular reviews of these providers to ensure ongoing compliance.

Data Storage: All personal data is securely stored on European GDPR compliant servers. Initially, some historical data was stored in Google Firebase in the United States, but we are currently migrating all data to the EU to ensure full GDPR compliance. You can review Google Firebase’s Standard Contractual Clauses (SCCs), data processing information, and agreements in their Terms of Service for Firebase Services.

We May Share This Information With:

  • Service providers to help us operate our Website and provide our services
  • Legal and regulatory authorities to comply with legal obligations

Lawful Bases for Processing

Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:

  • Your consent. You may withdraw your consent at any time
    by contacting us at info@health-shared.com
  • We have a contractual obligation.
  • We have a legal obligation.
  • We have a vital interest.
  • We need it to perform a public task.
  • We have a legitimate interest.

International Data Transfers

There are no international transfers.

How We Store Your Personal Data

Personal data is stored securely and in accordance with our data retention schedule. At the end of this period, your data is securely deleted or anonymized.

Your Rights

You have the following rights regarding your personal data:

  • Your right of access - You have the right to ask us for copies of your personal information.
  • Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.
  • Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organization, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. If you wish to exercise your data protection rights, please contact us at:

Health-Shared Privacy Team
Axiom Medical Ltd
5 Saint Andrew’s Road,
London
NW11 0PH

How to Complain

For UK Users:

If you have any concerns about our use of your personal data, you can contact our Data Protection Officer:

Data Protection Officer
Usman Jaffer
info@health-shared.com

You can also complain to the Information Commissioner's Office (ICO) if you are unhappy with how we have used your data:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone: 0303 123 1113
ICO website

For U.S. Users:

If you are a resident of the United States and have any concerns about our use of your personal data, you can contact the Federal Trade Commission (FTC):

Federal Trade Commission
600 Pennsylvania Avenue, NW
Washington, DC 20580
Telephone: (202) 326-2222
FTC website

Additionally, you may also reach out to state-level consumer protection agencies if your concern is specific to state law.

Date of last review: July 2024