Our Privacy Policy

We are committed to protecting your data. This privacy policy will inform you as to how we look after your data when you use our platform at https://ourishealth.com/privacy or via the Ouris application (“Platform”) (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.

1. WHAT THIS POLICY COVERS

This privacy policy aims to give you information on how we collect and process your data through your use of our Platform.

Ouris health – Web Application

Ouris Health – APPs

2. WHAT DATA WE COLLECT ABOUT YOU

This privacy policy aims to give you information on how we collect and process your data through your use of our Platform.

  • Personal Data - Name, Date of Birth, Address, E-mail, Telephone.
  • ID Documents – A valid ID for Registration.
  • If you are giving information about another person, you are confirming that you are authorised to do.
  • For children’s Registrations – The parent or legal guardians’ details collected as Personal data.
  • Special Data – We collect your Gender and Ethnicity data only and do not collect any other special data.

For Health and Care professionals and Organisation

We collect only the data relevant to conduct our legal contract

  • Personal – Name, Organisation details, E-mail, and Telephone
  • Special Data – Ethnicity and Gender: This is collected to assist with request from your patients. We do not collect your date of birth.

Health Data

Using our APP and Web Application we collect and process information about your health.

  • General Health -Symptoms, Treatments, Advices, Medications
  • Health Parameters – Personal health monitoring entries
  • Symptom entries and Health data entries, which are shared with your health care professional
  • Video and online consultation details and recordings
  • Messaging, Chats, Notifications, SMS Texts

The information is from yourself and from your health care professional

Your details are shared with Health care professional with your consent when you sign up with Ouris

We send all your private consultations to your registered health care professional with your consent

Other Details

We hold details of your conversations with us for support, Technical calls, Chats, Messages and Visit notes

Data from other sources

If you use a third-party device or apps to connect to Ouris health, we ask your permission to receive health data from third party devices.

For Private patients, if you are making a payment to a health care professional using your debit or credit card using our platform, we do not hold any card details and they are processed by a third-party payment provider.

What Technical Data we collect

  • Log in date, Time, location, IP
  • Browser information of log in
  • APP downloaded device, Model and Version
  • Your visits to our site and your browsing information in our site (Help, Information and Products)
  • We may use your browsing information in our web site to share with analytical partner to improve our user experience and to check our performance

We do not use any health information about you.

Cookies

We use cookies saved in your phone, tablet, or computer, when you visit our site external pages only. They collect information about how you browse our website pages. We do not use cookies on your health and medical Information.

3. WHAT WE USE YOUR DATA FOR

This is how we use your data and legal reasons for it

Providing you with a service

We need your personal details for your registration with our product, to enter a contract to deliver services.

Health Data

The health data and health information provided by you and your health care Provider is shared between both with consent. We allow your health care professional to share clinical information, treatments, Medication details, health parameter details and provide health advice on your condition using online and Video Consultation tools with you and with other health and care professionals involved in your care. (GPs, Hospitals, Community Care, Therapist, Pharmacist)

The information is about

  • Legitimate interest with your health (Planning, Advice and Treatment)
  • Public Interest – (NHS Obligation)
  • Online and Video consultations, Medical details, Prescriptions, Health Parameters and Symptom check list and its severity
  • Our Private section of the APP will show services closer to you by using your location to find a chemist or a Healthcare Professional

We do not use any of your health and medical information for analytics. We use your feedbacks to improve our Health information platform.

We collect data from devices when you have an outage using our product to find out the reasons behind the outage.

Marketing and Communication Data

We send you Notifications and text messages about your Appointments and Health promotion messages to assist and to remind you about your appointments. The notifications and text Messages may come from Ouris or from your Health care Professional Organisation using Ouris Health Platform.

We may contact you with marketing messages, product updates, surveys, and information on our product. You can opt in or out by going to settings, privacy controls of your APP and in your account settings when using Web application.

Regulating the quality and safety of our service

We use your health information for Training, Safety, Regulatory and Compliance Purpose.

This means that :

  • If we are legally required to, or asked by a regulator, we may need to share your information with regulatory bodies like the General Medical Council, Medicines and Healthcare Products Regulatory Agency or Care Quality Commission
  • We may audit how you use our services, for example to review the quality of results provided by our products

To detect and prevent fraud, we may need to share your personal and financial information with banks, financial institutions, and fraud prevention services.

4. HOW WE STORE AND MOVE YOUR DATA

Your data are stored in our secured servers.

Your Personal data

Your Medical and Health Data (Consultations, Chats, Messages, and all about your health)

We do not hold any information locally in your devices (Mobile Devices)

Protection

We are committed to keeping your personal and Health information you provide us secure and we will take reasonable precautions to protect your personal information from loss, misuse, or alteration.

We have implemented information security policies, rules, and technical measures to protect the personal information that we have under our control from:

  • unauthorised access.
  • improper use or disclosure.
  • unauthorised modification, and
  • unlawful destruction or accidental loss.

All our employees and data processors (i.e., those who process your personal information on our behalf, for the purposes listed above), who have access to, and are associated with the processing of personal information, are obliged to respect the confidentiality of the personal information.

You are responsible for keeping your password and/or authentication method confidential. Please do not share it with anyone.

For making payments to your private practice appointments and for Ouris, we do not store any of your credit card details and they are processed by a third-party provider. They follow strict industry data security standards. These are known as Level 1 Payment Card Industry (PCI) data security standards.

Where we store your Data

Your Data is stored locally with in UK and not processed outside UK and we operate in line with Data Protection guidelines.

Sharing your Data

We share your Personal Data with Healthcare Organisations involved in your care and with organisations (NHS) using Ouris as a solution. We may share your personal data with private organisations to assist with support and chat. These companies can only use your data on our instructions, and they have contractual terms, and they have to act in line with data protection laws.

If you use our services through our partner Organisation (Health Insurer), we may share some of your information with them. We do not share your Medical and Health Information.

We share the below information.

Name, Date of Birth, E-Mail, Telephone, Address and Policy Number

Health Care Organisation

We will share your details with Health and Care Organisations involved in your care.

  • Your NHS GP
  • Hospitals
  • Social Enterprise Organisations involved in your care
  • Care and Nursing Homes
  • Therapist
  • Pharmacy
  • Community Care
  • Emergency Services (Urgent Care, Accident and Emergency)
  • Other Health and Care Organisations

By law, we may need to share information with these services to safeguard either you or others or conduct a public task (in the case of our NHS services). We may need your consent, or to rely on our legitimate interests to provide you with healthcare before we can share this information.

Protecting Public

We may use your health data to protect the public.

Your data could be vital to help research, monitor, track and manage public health emergencies, like pandemics.

In a public health emergency, your information may be shared in a way that is appropriate and lawful with organisations such as:

  • NHS Digital
  • NHS England and Improvement
  • Public Health England
  • Local authorities
  • Health organisations
  • GPs

We will limit the use or sharing of data to the period of the emergency and will only share data to the extent necessary.

We also collect, use, and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity.

Our NHS services

We share your data across NHS organisations involved in your care if you choose to use our NHS solution. The organisations include GPs, Hospitals, Pharmacies, Urgent care, Accident and Emergencies and Ambulance services.

Our solution is integrated with existing NHS solution and we share your data for identification and to share medical and health details.

If you are a resident in a nursing and care home, we share your data with your resident care organisation for identification and to share health information with your NHS care provider.

Summary Care Records

These records are patient information records received from your GP and NHS records. These are viewed only by authorised staff involved in your direct health care. If you do not wish to share you can opt own by contacting your GP or NHS Organisation or remove the link from your linked practices and to fill an opt out form at your GP practice.

We may keep or share information about you if we need to :

  • Comply with a law, regulation, legal process, or government request
  • State our legal rights or defend against legal claims
  • Stop, find, or investigate illegal activity, fraud, abuse, breaking our terms, or threats to the security of our services or the physical safety of anyone

5. HOW LONG WE KEEP YOUR DATA

We will only retain your personal data in line with the UK Electronic Health data guidelines, for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.

We follow advice of British medical Association and Department of health guidelines on how long to retain your records, this is also called retention period.

Your Information

How long we keep it (its 'retention period')

Health Records – NHS and Private Records- This includes medical records, consultations with GPs and Health Diary interactions

We keep your NHS and Private medical records for 10 years after your death or after you have permanently left the country.
We may keep your records longer if there are genetic implications for your family. We work on the advice from clinicians in this situation.
Electronic patient records cannot be destroyed or deleted for the foreseeable future.

Video and Online consultations

If we keep your video and online consultations (Messaging, chats, Notifications and SMS), they are kept in the same way as your NHS and private records

Voice (or audio) consultations

We keep your voice consultations in the same way as your NHS and private records (although that period could change if our product changes).

Health Diary

We keep your entries with our Health Diary in the same way as your NHS and Private records.

Communications with support teams, including phone calls, emails, and live chats

1 year after you leave Ouris Health service.

Maternity records If used as part of NHS

We keep your records for 25 years after the birth of your last child.

Records on any treatment for a mental disorder (as described in mental health legislation)

We keep your records for 20 years after the date of your last consultation. Or 10 years after your death if that is sooner.

Your Rights

You are in control of your personal information. Under data protection law, you have the right to:

  • Remove or change your consent at any time, if we are using your data in a certain way based on it. You can do this by :
    • Going to APP, Setting, Change Privacy settings
  • Ask for a copy of the personal data we hold about you. Your data is stored in line with our legal and medical obligations. See : how long we keep your data).
  • Ask us to correct information that is wrong, delete it, or ask that we only use it for certain purposes. There might be times when we are not able to help, like if the law or our medical obligations say we cannot.
  • Ask for your data to be provided in a portable format that allows you to move, copy or transfer it. Or ask us to send it in this format to someone else.

To do any of these things, please contact us at :

Data Protection Officer,
Ouris Health,
Suite 201, Cheadle Royal Business Park,
Cheadle,
SK9 3GP

Or mail to DPO@ourishealth.com

We will ask you for a proof of identity. Data protection laws give us one month to get back to you.

We are regulated by the Information Commissioner's Office (ICO). If you are not happy with any aspect of our data handling, you can complain to the ICO directly.

You can contact them at :

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Phone : 0303 123 1113

6. THIRD PARTY LINKS

This website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

7. CHANGES TO THIS PRIVACY POLICY

We may make changes to this privacy policy from time to time.

We may notify you by e-mail of any significant changes. However, we encourage you to review the privacy policy on our website periodically to be informed of how we use your personal information.

If you do not agree to the changes, then you can stop using our services at any time.

Last updated December 2020