Version 2.0 December 2016
Ada understands and respects the need for privacy of personal information when using our products. This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand the use of your personal data and how we will treat it.
For the purposes of this privacy statement, "Personal data" means information that identifies you, such as your name, telephone number and email address. "Sensitive Personal data" means personal information relating to an individual. “Data Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Ada operates a platform to provide you with personalised health information. You can access the Ada platform through our website at ada.com (the ‘website’) and through our iOS (and soon Android) application (the ‘App’), available for download on your mobile device free of charge. Together the Site and the App are the Ada ‘Service’ Privacy by design is key to the ‘Service’ as it is vitally important to us that our customers feel secure when using our services.
What do we do?
Ada is more than just an app. Ada is a virtual health companion on the go. Designed by a dedicated team of doctors and computer scientists, Ada gives you the best symptom assessment available. Building up a detailed picture of your health over time, Ada provides you with an accurate understanding of what is going on and helps you decide on next steps to take.
What information do we collect?
When you sign up to the service you are requested to provide explicit consent, and agree to the Ada terms and conditions to get the maximum benefit from the services we provide. When using our Service, we may collect data about you, as follows:
- When you create a profile, we ask for your name, gender, date of birth and location, to tailor our service to your situation and circumstances.
- When you register with us, we ask for your email address, so we may send you news and alerts, and enable you to share profiles between your different devices.
Additionally, we may collect other information when using our products that helps us improve our service to you and maintain operational levels. This information cannot be used to identify you. It includes:
- device model, OS version and location, so we know how best to support you and your devices;
- conditions and symptoms searched, so we know what is most important for you;
- any other data needed for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
We may ask you to provide personal information when you
- Use our website;
- Participate in surveys;
- Subscribe to newsletters, promotional emails or other materials;
- Apply for a job, submit your resume/CV or create a candidate profile; or
- Contact us.
Information we may request includes your email address and name. If you make a purchase, we may ask for your credit card number and billing information. If you make use of our clinical services, we may ask you for your direct contact details in order to get in touch with you when appropriate. We may also ask for other personal data in order to verify your identity.
How do we use Personal Information?
The information provided by you may be used in one of the following ways.
- Smart Assessment: Check symptoms wherever and whenever you want. Just answer simple, personalised questions about your health without complicated medical language.
- Pre-brief Doctors: Book a teleconsultation with a doctor, at a time that suits you. To help your doctor provide you with the best and most relevant information, Ada pre-briefs your doctor by analysing all the information you provide.
- In some circumstances, we may contact the customer where health concerns have been identified during data processing
- The improvement of the Ada services.
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. We may need to share personal information with companies, organizations or individuals outside of the Company if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
- meet any applicable law, regulation, legal process or enforceable governmental request
- enforce applicable terms of service, including investigation of potential violations
- detect, prevent, or otherwise address fraud, security or technical issues
- protect against harm to the rights, property or safety of the Company or the public as required or permitted by law.
Our products may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
How long do we use and store your information?
Ada will retain your information as long as we are providing you with our services. If you choose not to utilise the services that Ada provide for longer than a 12 month period, we may contact you requesting confirmation that you still wish to subscribe to the services provided by Ada. If you choose to unsubscribe from our services, we will erase all personal information that will allow you to be identified within our databases. We will do so within 6 months of you unsubscribing.
As a customer of the service you have the right to contact us and request the erasure of the personal data stored for the delivery of the Ada service. Please note that in the event of the customer consulting with a doctor that consultation and all information available at the time of the consultation becomes a medical record and such medical records must be retained and cannot be erased. Medical record data will be stored for in accordance with the local legislation in relation to retention of medical records.
How is your data stored?
The confidentiality, integrity and availability of your personal data is essential to the services delivered by Ada. All information you provide to us is stored on our secure servers. We take appropriate steps to maintain the security of your data on our service. The open nature of the internet means that data may flow over networks without security measures and may be accessed and used by people other than those for whom the data is intended. Our intention is that this should not happen and we take measures to ensure that it does not.
It is the responsibility of the customer to adhere to the Ada terms and conditions to create robust login credentials but also for maintaining the confidentiality of your login details and any activities that occur under your Account. If you have any concerns that your Account may have been misused or otherwise compromised, we ask you to let us know.
Where’s your data stored?
Will we disclose your information or share your information with other 3rd parties?
We don’t sell your data to anyone. You will have the option to be notified on possible eligibility to participate in Clinical trials and other types of research. To facilitate this, we may contact you in based on your processed data.
We may use medical data that has been dissociated from your identity (the pseudonmisation of personal data) for research purposes, such as disease monitoring and prevention through integration of different data sources such as sensors, lab tests and more.
How can you access information relating to you?
Your personal information and your Ada digital health record is available to you in your personal account at all times via your device used to access our system and services. Ada is committed to ensuring that the data we hold about you is accurate and up to date. The Data Protection Act (1998) concerns the processing of information about living individuals. It gives rights to those individuals about whom information is recorded and demands good practice in handling information about people.
You are entitled to know whether we hold information about you and, if we do, to have access to that information and require it to be corrected if it is inaccurate. You can do so by contacting Ada (details below) or alternatively you can access and review your information via the Ada service.
We may also notify users of any changes via notifications from within the Ada service.
How to contact us
Ada Digital Health Ltd For the attention of the Data Protection Officer. 20 Eastbourne Terrace, London W2 6LG - UK
Website: www.ada.com Email: firstname.lastname@example.org ICO Registration: ZA218767