Nom nom, cookies! We use cookies to give you the best online experience. By using our website, you agree to our use of cookies in accordance with our Privacy Policy.

SmartStart Health Ltd - Privacy Policy

 

Under data protection laws, we are required to provide you with certain information about who we are, how we process your personal data and for what purposes, and your rights in relation to your personal data. It is important that you read the information in this policy before sharing any personal data with us.

By using the SmartStart CGM services (“Services”) you provide your consent to our processing of your personal data as described herein.

This policy (together with our terms of use set out at [https://cgm.smartstart.health/terms-of-use]  applies to your use of the Services.

Who are we?

We are SmartStart Health Ltd, a limited liability company registered in England and Wales under company number 13696565. Our registered office is at 86-90 Paul Street, London EC2A 4NE, United Kingdom.

Our data protection officer is Melissa Holloway, who can be contacted by email at support@smartstart.health.

Changes to this privacy policy

This version of the privacy policy was last updated on 13 September 2022. We may update this privacy policy from time to time. If we do, all changes will be posted on this page. By continuing to use the Services you will be deemed to have accepted any amendments made to this privacy policy.

What data do we collect?

We collect the following data:

  • Personal identification information (Name)
  • Usage data
  • Device data

We also collect, use, and share aggregated data such as statistical data for any purpose. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users who use certain features of the Services.

We do not collect any special categories of personal data about you (this includes this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data).

How do we collect your data?

We will collect and process the following data about you:

    • Information you give us - you directly provide us with most of the data we collect including when you: register for the Services through your healthcare professional; use or view our app and website via your browser’s cookies; by completing activities as you progress through the app modules; or when you provide feedback using the feedback form built into the SmartStart CGM platform. We will also collect and process data that you provide through contact forms, emails and other correspondence that you send to us, and data that is provided to us by your healthcare professional.
    • Information we collect about you and your device – each time you access and use the Services we will automatically collect personal data including device content and usage data. We collect this data using tracking technologies.

How will we use your data?

We will only use your personal data when the law allows us to do so. Most commonly we will use your personal data in the following circumstances:

  • where you have consented before the processing;
  • where we need to perform a contract we about to enter or have entered with you
  • where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests
  • Where we need to comply with a legal or regulatory obligation

We will only send you direct marketing information by email if we have your consent. You have the right to withdraw that consent at any time by contacting us.

We may share your personal data with third parties where we have a lawful and legitimate reason to do so. For example, we may share your personal data with legal advisers, accountants, tax authorities, courts, and other governmental bodies and professional advisers.

Any information you input into the Services will not be shared directly with your healthcare professional. We will share aggregated results/scores as opposed to the information that is input.

How do we store your data?

We securely store your user registration data with Eurekos LMS, a web and data service in the European Union. Eurekos is certified to the highest standards for information security, ISO/IEC 27001:2013 and ISO/IEC 27001:2019. They are a fully GDPR compliant organization. Details of Eurekos’ data processing policy can be read at [Data Processing Policy].

We will keep your personal data associated with the Services until one year after you stop using the service. Once this time period has expired, we will delete your personal data automatically. Anonymized data will be retained and used for research. This does not override any legal obligation that we have to store data in order for us to comply with data protection laws and regulatory obligations.

We will retain personal data where consent has been provided in connection with marketing until such time that consent is withdrawn in accordance with the following section.

Marketing

We would like to send you information about new diabetes- and health-related information, products and services that we think could benefit you. We will never sell or share your personal data for marketing purposes.

If you have agreed to receive marketing communications, you may always opt out at a later date.

If you no longer wish to be contacted for marketing purposes, please email us at support@smartstart.health.

What are your data protection rights?

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access – You have the right to request copies of your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing. We may charge you a small fee for this service.

The right to rectification – You have the right to request correction of any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.

The right to erasure – You have the right to request that we erase your personal data, under certain conditions, i.e., if there is no good reason for us to continue to process it.

The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.

The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions. This right will not apply if we can demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions. If you exercise this right we will provide the data in a commonly used, machine readable format.

The right to withdraw consent – this is dealt with above.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at support@smartstart.health.

Cookies

Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.

How do we use cookies?

We use cookies in a range of ways to improve your experience on our website and app, including:

  • keeping you signed in to the Services; and
  • understanding how you use our website

What types of cookies do we use?

We use functional cookies so that we can recognize you on our website and remember your previously selected preferences. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies are used.

How to manage cookies

You can set your browser not to accept cookies, and you can remove cookies from your browser. However, in some cases certain features of the Services may not function as well, or at all, as a result.

Privacy policies of other websites

The Services may include links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.

Withdrawal of consent

You may withdraw your consent to our processing of your personal data at any time by contacting us by email at support@smartstart.health but that will not affect the lawfulness of any processing carried out before you withdraw your consent.

How to contact us

If you have any questions about our privacy policy, the data we hold in relation to you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Email us at: support@smartstart.health

How to contact the appropriate authorities

Should you wish to report a complaint or if you feel that we have not addressed your concern in a satisfactory manner, you may contact the appropriate information regulator.

USA. The Federal Trade Commission. Phone: (202) 326-2222

UK. Information Commissioner’s Office. Phone: 0303 123 1113