Self-care starts with staying healthy. Find ways to stay healthy this winter with our self-care guide to cold and flu.
×

Your.MD Privacy Policy

(last update July 2019)


Your.MD respects your privacy and is committed to protecting your personal data. This policy, alongside our Terms of Service, explains how we process your data when you use our services.

Who we are

Your.MD is a trademark of YOUR.MD AS, incorporated and registered in Norway with the company number 999260993. The registered office is at c/o Advokatfirmaet Simonsen Vogt Wiig AS, Filipstad Brygge 1, 0252 Oslo, Norway. It offers Your.MD Services (hereinafter referred to as: “Services") via its subsidiary Your.MD Limited, incorporated and registered in the UK with the company number 08727263. The registered office is Your.MD Ltd, 5th Floor, 43 Whitfield Street, London, W1T 4HD, UK (hereinafter collectively referred to as: ‘Your.MD’ or ‘we’).

Should you have any privacy-related questions, please contact us at privacy@your.md.

How we use your data

We use your data to personalise your experience when you use our Services. We also use your data to improve the safety and security of the Services we provide, and for the purpose of analytics, marketing and communications.

LEGAL BASIS

Contract performance. This covers data that is processed by us in order to provide you with Services that you have requested.

Consent. Where you have consented to our use of your data.

Legitimate interests. This covers data processed by us for the purposes that can be reasonably expected within the context of your use of our Services to pursue our legitimate interests, in order to improve our Services and your experience, for general social benefits to enable free access to health information, for marketing our Services, promoting partners on the OneStop Health™ platform and exploring business opportunities, to enable us to offer a safe and secure service.

PROVIDING OUR SERVICES AND PERSONALISING YOUR EXPERIENCE

We use your data to understand your health so that we can provide relevant information personalised to your needs. You can personalise your experience by adding health data into your profile, completing assessments, or using other services we offer. We will use this data to personalise Services such as the symptom checker, and to recommend health plans, track your symptoms, assess your health, and display articles of interest to you.

APPS for users who create a profile. Legal basis: contract performance Data collected: as stated in ‘The data we collect’ section of this Policy.

Symptom Checker (or chatbot). We use your data so the chatbot can calculate the most likely condition based on your reported symptoms. We might use the symptom checker's results to show relevant OneStop Health™ providers in your location, or to offer follow-up notifications for relevant conditions, symptom tracking, personalised Health Plans, and receive articles about specific topics. If you use the symptom checker on behalf of someone else the collected data is used only for that specific consultation.

Health A-Z. You can search the Health A-Z and save your preferred articles. Some articles include a 'When to Worry' feature, which helps you assess the need to visit a health professional. We might show you OneStop Health™ providers based on your Health A-Z search. For example, if you read an article about asthma, we will direct you to a OneStop Health™ provider that offers services for this condition.

OneStop Health™ platform. Based on your reported symptoms, we use the information calculated by the chatbot to show you OneStop Health™ providers which might be useful to you. We create a local database on the device so we know if you have clicked on any providers. We will not disclose or share any of your data with OneStop Health™ providers.

Quizzes. We process data collected from quizzes created in brandquiz. We use your data only for the purpose of offering quizzes to you. Please see section 4 of this privacy policy.

Surveys. We process data collected from quizzes via the Typeform service. We use this data only for the purpose of offering quizzes to you and we limit Typeform to do the same. Please see section 4 of this privacy policy. Legal basis: contract performance or legitimate interests, namely, to improve our Services. Data collected: as stated in ‘The data we collect’ section of this privacy policy.

Your Profile. We do not create third-party profiles. You can decide to create a profile for yourself or use our Services without one. We use your in-app profile data to allow you to use our Services and personalise your experience. You cannot create a profile for an additional user.

Health Tracker. The health tracker can store data about your wellbeing so you can track your symptoms over time. You can also add your own data via the notes section (only in some versions of our Services) and sync with your health and fitness apps data to get useful insights relevant for your health. This data will not be used in the symptom checker's calculation.

Health Goals. By choosing the health topics which interest you, we will send you updates with useful information and tips that can help you achieve your goals. This data will not be used in the symptom checker's calculation.

Health Background. You can share your health background with us by selecting one or more conditions from the list (for example, high blood pressure, coronary artery disease, chronic kidney disease, diabetes, asthma, etc). This data will be used for the symptom checker.

Backup Your Profile. By signing in with your email/Google/Facebook account you give us permission to access and use your name and email address as outlined in this Policy. We use this data to enable you to access Your Profile from other devices. We recommend you sign out each time you leave the App so that your health data will be accessible only upon signing in.

Reports. We store your consultation report so you can access your past consultations. Consultations for third parties are not stored as reports, but we do save a record in our Technical Information logs.

Self-assessments. Health data provided while completing self-assessments and your subjective scores will not be used for the symptom checker's calculation.

Push Notifications. We will send you push notifications based on the health data you provide when you use our Services. For example, we will use a consultation outcome to send you follow-up notifications for relevant conditions and to recommend that you track your symptoms for a period of time to see how they change. We will ask you if you are feeling any better and provide information relevant to your response. We will send you notifications to display articles based on your Health A-Z search and/or our OneStop Health™ providers available in your local area. We will also use your personal details - age, gender, and acquisition channel - to send push notifications related to these characteristics. For example, we will send you an article we think may be of interest to users in a certain age group. By enabling notifications, you will personalise your experience.

Personalised Health Plan. The data collected from answers given to questions asked in assessments can be used to provide you with the Personalised Health Plan. We will send you daily reminders for symptom tracking and bi-weekly notifications about health tips on how to improve your wellbeing.

Find Services Near You. By accepting the location permission, you will be able to find services near you. This feature enables us to collect the longitude and latitude of your mobile device so that we can find services near you. We will only process your geolocation data when you use 'Find Places Nearby', and we won't store this data as we are using Google APIs. By using this feature, you consent to Google's Terms of Service and Privacy Policy, all of which is incorporated into this privacy policy.

For more information on how Places API and Place Details works, please see Place Search and Place Details. For more information on how Google processes your location data, please see Types of location data used by Google and Google Privacy Policy.

OneStop Health™ Platform. Our OneStop Health™ platform consists of providers verified by our medical team that supply specific services, treatments and products to help with medical or health-related problems. If you click on the link of a OneStop Health™ provider you will leave the app and be redirected to that provider's service. In doing so, the way in which your data is processed will be determined by that provider's privacy policy. We will not disclose or share your data with any OneStop Health™providers.

We use the data we collect from you to present you with OneStop Health™ services in your local area which might be useful (for example, providers available in your country of residence or providers for a specific condition). For this service to be free, we need to track which users click on or see links to the providers. We use this data for analytics and billing purposes. When you click the link of a OneStop Health™ provider, you will be directed to their website and that provider will receive your IP address.

Data collected by OneStop Health™ providers may include personal information, but this is governed by their own privacy practices. The providers and other third-party websites or services may place cookies or other files on your computing or smart device, collect information or solicit personal information from you. We encourage you to be aware of the privacy practices of any third-party providers you interact with. We are not responsible or liable for your interaction with third-parties, the information requests initiated by them, or the subsequent use, treatment or dissemination of information you voluntarily choose to provide to them.

WEB APP

You can access our symptom checker.

Legal basis: legitimate interests, namely general social benefits to enable free access to health information. Data collected: as stated in ‘The data we collect’ of this policy, without any directly identifiable personal data.

SITE

You can access our site here: https://www.your.md/. Legal basis: legitimate interests, to improve our Site and your experience. Data collected: as stated in ‘The data we collect’ section of this policy, without directly identifiable personal data - namely, country, region, time zone, service preference, identifiers (IP address, analytics IDs) and applicable technical and analytical information.

TESTER PROGRAM

If you decide to participate in usability tests created by Your.MD (“User Tests”) available on/via various third party providers, we will use your personal data and any other data provided through Your.MD Services (“Tester data”) only for the purposes of User Tests. Third party providers will not process Tester data for purposes or by other means than as instructed by Your.MD or as otherwise necessary to provide the services. Tester data may include personal data, including personal contact information such as name, address, telephone number, email address or other personal demographic information and helath data. Legal basis: legitimate interests, to improve our services or consent. Data collected: as stated in ‘The data we collect’ section of this policy.

During the User Tests you might enter data about your health. If this happens, we will either anonymise this data or you will be asked to consent to health data processing for User Tests purpose. We will use technical and analytical data collected for analysis to help us improve our services. All the data you provide during the User Tests will be collected and stored by third party providers. Please see 'Third Party Technology and Providers' section of this privacy policy to learn how third party providers processes your data.

MESSENGERS

We process your data so that you can use our chatbot on selected messenger platforms. Legal basis: contract performance Data collected: as stated in ‘The data we collect’ section of this privacy policy.

MVPs

We strive to provide the services that most interest you, which is why we regularly test new products and services (Minimum Viable Products or MVPs). Should you wish to use the MVPs, you will need to accept the MVP Privacy Policy and Terms of Service (MVP Policies). This privacy policy and the Your.MD terms of service form part of the MVP Policies where applicable. The MVP policies are available on our site, and a link is displayed before you consent to using the MVP. If a specific MVP policy is not available, the terms of this privacy policy and the Your.MD terms of service apply. In case of discrepancies between the MVP Policy and this privacy policy and/or the Your.MD terms of service, the MVP Policy prevails. Legal basis: legitimate interests, to helps us improve our Services. Data collected: as stated in ‘The data we collect’ section of this policy.

FOR INTERNAL ANALYTICS

We collect data on how you use our Services so we can make improvements to the service we offer you. We use identifiers but do not link these to your name or email address, and we carry out troubleshooting, testing, research, and surveys. We also analyse your activities to understand how you use and interact with our Services. Legal basis: legitimate interests, to helps us improve our Services (Site) and for general social benefits to enable free access to health informationfor users who do not create a profile. Data collected: Analytical information, Technical Information, as stated in ‘The data we collect’ section of this policy.

For example, we look at whether you click on a OneStop Health™ partner, conduct a consultation, view articles, use the health tracker, engage with notifications, and we will analyse the screens you use and if you added data into your profile. We check how you use our Services with the help of analytics providers (Google Analytics for Firebase and Google Analytics) and by processing Analytical Information (please see section 3 of this Policy). With the help of analytics ID assigned to you, we can use the data that you enter when talking to our chatbot (age and location, but not your name or email address) for our internal analytics and research. We do not process any information which could directly identify you in our analytical databases unless you use a service that requires us to do so. For example, we check how many users have finished a consultation or have visited our Site.

Surveys. We use surveys to ask for information/feedback/ which helps us improve our Services. You might be asked to participate in a survey via our Services. We will use your email address for a survey, research, or testing if you choose to participate. If you confirm that you would like to receive notifications when we develop a specific feature, we will inform you when this feature is available. Or if you carry out a risk assessment survey, we will send you the results of the assessment via email. Your data will be transferred to Typeform, a third-party service provider we use for online surveys. We will not collect any information that could directly identify you when you carry out a survey. Legal basis: legitimate interests, to helps us improve our Services. Data collected: your responses, your email and IP address.

FOR SAFETY AND SECURITY

We usually process your data based on IDs attached to Your profile, so we do not see your name or email address. To safeguard your privacy, we store health data and data which could personally identify you in separate databases. We do store technical logs of your activities in the app. In line with best practice, only authorised staff members can access personal data, and only when required for user safety or critical systems issues. Legal basis: legitimate interests, to enable us to offer a safe and secure service. Data collected: As stated in 'Technical Information of this Policy' in ‘The data we collect’ section.

FOR MARKETING OR COMMUNICATION PURPOSES

We use your data to send you newsletters, respond to your requests, offer surveys, and for research and testing purposes. Legal basis: legitimate interests, for marketing our Services, promoting partners on the OneStop Health™ platform, and exploring business opportunities. Data collected: email, full name (if provided), IP address or other identifier assigned by a third-party service provider.

NEWSLETTERS. We will use your email address to send you newsletters to update you about our Services, health tips, and more. If you're a business customer, we will send you emails to explore potential opportunities for collaboration. Your data will be transferred to MailChimp , a third-party service provider that we use for sending out newsletters.

EMAIL REQUESTS. We will use your email to respond to any queries you send to care@your.md and/or privacy@your.md. Your data will be transferred to Zendesk , a third-party service provider that we use for a support ticketing system. Please do not share any health data when sending emails to care@your.md and/or privacy@your.md as we do not respond to any case-specific health issues.

The data we collect

DIRECTLY IDENTIFIABLE PERSONAL DATA (only for users who decide to create a profile): Full name, email address, Facebook/Google account name and email address, geolocation - if you decide to opt in to 'Find Service Near You'.

INDIRECTLY IDENTIFIABLE PERSONAL DATA: First name or nickname, age, gender, location (country, region - not specific enough to identify the street), time zone, service preferences, Messenger's information, acquisition channel), identifiers (profile ID attached to your profile data, IP address, analytics IDs, conversation/consultation ID, device ID, messenger ID).

HEALTH DATA. Any type of health data you share when using our Services, such as health data collected through the chatbot, Health Background data, and Health data provided through specific services such as assessments, health goals, the health tracker, health plans, quizzes and tools (BMI calculator).

TECHNICAL INFORMATION. User agent (web browser type and version), device model, screen information, mobile service provider, installed app version, OS version, location (country and city), time zone, IP address at the time of usage, Your.MD's unique identifiers (profile ID, conversation ID/consultation ID), Messenger identifier, records of events with Technical Information and your interaction with our App/Services. For example, logs on your usage of the Services, which include chat information, quizzes, self-assessments and tools, the BMI calculator, and the articles you have viewed in the Health A-Z and our OneStop Health™ platform.

ANALYTICAL INFORMATION. Hashed IP address, hashed profile ID or guest profile ID, hashed conversation/consultation ID, analytics provider's unique user ID (Firebase ID) or client ID (Google Analytics ID) or Messenger ID, third-party cookies.

Information on how you use our Services:

General Activity (e.g. the screens you view, time spent, if you added data to your profile, whether you are in test groups, items on your home feed and interaction)

Sessions (e.g. when you started the session, duration)

App info (e.g. if you deleted/upgraded the App, version)

Authentication (e.g. whether you authenticated and which type of authentication)

Acquisition channel (e.g. which ad you clicked on to get to our Services)

Notification activity (e.g. whether you opted in or out of notifications)

Activity within our Services and features (e.g. your data and activities, consultation outcomes and feedback, whether you sent an input that failed to be understood by our chatbot, clicks on articles, whether you opened a consultation report, viewed consultation history, articles you view, share, whether you view/click on the partner, whether you are logging your feelings, tracking symptoms, receiving follow ups, syncing data with third-parties, whether you sign up for Health Plans and your interactions, logs on your usage of our Services).

Who has access to your data

We cannot provide all services necessary for the successful operation of Your.MD Services by ourselves. We therefore share collected information with third-party providers for the purpose of offering and improving the Services. The information we share will not identify you personally, and the providers will only use the data to offer services to us. However, we will use your email to send you newsletters and surveys. For privacy-related requests, see section 6 of this Policy or send an email to privacy@your.md

THIRD-PARTY TECHNOLOGY AND PROVIDERS

Third party providers are data processors. This means they process your information on our behalf, in accordance with our instructions. We only allow your information to be used by them to offer services to us. How third party providers' use of information is controlled by the terms of their contract with us and any settings enabled by us through the user interface of their product.

Kickbox. We use Kickbox, an email address verification service provider, to validate the email address and find out whether an email can be delivered. Kickbox processes information under our direction. Kickbox may transfer personal information to companies that help them provide their service to us. Transfers to subsequent third-parties are covered by the service agreement between Kickbox and Your.MD. Kickbox acknowledges that you have all the rights described in section 6 of this Policy. Kickbox has no direct relationship with you. If you want to access, correct, amend, or delete inaccurate information you should direct your query to us by sending an email to privacy@your.md. If you make a request to delete the information, Kickbox will respond within 30 business days. Kickbox will retain personal information they process on our behalf for as long as is needed to provide services to us. Kickbox will retain any personal information needed to comply with their legal obligations, resolve any disputes, and enforce their agreements. Please refer to the Kickbox Privacy Policy for more information about Kickbox information processing.

Zendesk. We use Zendesk® (Zendesk, Inc.) as a support ticketing system which enables Your.MD employees who respond to your emails to streamline communications in a single ticket, all within an organised workflow. This allows individual requests to be dealt with more quickly. Any information you share with us via email will be received by a Your.MD support employee who will have access to information you share. This includes statistics such as when you last requested support, the nature of the issue, how it was resolved, and how long you had to wait for a resolution. Please refer to the Zendesk Privacy Policy, Zendesk Ticketing System, Zendesk EU Data Protection and How Zendesk Protects Personal Data for more information.

Mailchimp. We use Mailchimp to send out Your.MD newsletters, for tester program correspondence, and surveys. MailChimp uses your data to host an email marketing service for us, and may share your data with third-parties for the same purpose. Your data is stored on a secure Mailchimp server. Mailchimp is not allowed to sell your data. Mailchimp will give access to/delete any personal information they hold about you within 30 days of a request. Please refer to the Mailchimp Privacy Policy for more information.You can unsubscribe from these emails by clicking the 'unsubscribe from the list' link in the footer of every email you receive from us.

Typeform. If you decide to participate in one of our Surveys, we use Typeform, an online software service for form building and surveys. Typeform will collect the following information: your responses (these are managed by us and we take responsibility for this data, which may include personal data), usage data (data about your interaction with Typeform services), device and application data (IP address, browser type, operating system, geolocation), referral data (the source that referred you to us – link on site, email etc.), and email address (to send you Typeform notification emails). All data is hosted by Amazon Web Services (AWS). Typeform's main servers are located in Virginia, USA, and its backup servers are in Frankfurt, Germany. Typeform uses Transport Layer Security to secure data in transit.

Third-party Health Trackers. You can sync data collected by third-party trackers with our Health Tracker: HealthKit(only iOS v.2. version), Samsung Health, Google Fit. We will use this data solely for providing and improving our Services, which includes health, motion and/or fitness services, to improve health management, or for health research.

brandquiz is an online software service company that we use for creating quizzes. The information brandquiz collects when performing this service for us is as follows: your responses, contact information (email address), log file information – such as connection logs (for example, web requests, IP address, browser type), timeline event logs (records of alerts and notifications that can help brandquiz to identify and diagnose the source of current system problems and help predict future problems) and analytical logs. brandquiz will pass on to us any request you have to exercise your rights (to delete, release or correct your data) as we are granted electronic access to your data. brandquiz stores the data in data centres managed by Amazon Web Services in Germany and analytics data in data centres in the USA that are managed by Intercom, Inc. Please refer to the brandquiz Privacy Policy and Data Processing Agreement for more information.

Facebook and Google Authentication. Facebook and Google Accounts. You can create your profile by signing in with your Google or Facebook account. By doing so you allow us to process this information. We use your email for authentication purposes in the Profile tables. We enable Google or Facebook authentication when you use the Apps. Some services allow you to use them as a guest without creating a profile, but this means you will not be able to retrieve your information later. Please refer to the Google Privacy Policy and Facebook Data Policy for more information.

Firebase Authentication feature enables you to sign in or create a profile with your email/Google/Facebook account. Firebase Authentication stores the following data: password (only relevant for users who created a profile with the 'email' authentication method), email address, phone number (only relevant for users authenticated with Facebook, for which the email address is not available). User Agent String and IP addresses are used for added security and to prevent misuse during sign up and authentication. For more information, please refer to the Firebase Data Processing and Security Terms.

ADVERTISING PROVIDERS

We use third-party providers to advertise our Services on other platforms and acquire new users.

Google AdWords. We use AdWords, Google's online advertising program, to reach new customers and grow our business. We use features such as Search Ads, Display Ads and App Ads. You can find more information about these features here. With the aid of advertising cookies we can make advertising more effective. Without cookies, it is more difficult for us to reach our audience, or to know how many ads were shown and how many clicks we received. When you visit our Site or see an ad that uses AdWords, either on Google services or on other sites and apps, various cookies may be sent to your browser. These may be set from a few different domains, including google.com, doubleclick.net, googlesyndication.com, https://ads.google.com/home/, or the domain of Google's partners' sites.

Facebook Ads. With the use of Facebook ads we can redirect you from the Your.MD Facebook profile to download the Apps from App Store or Google play, or directly to our Web App to enable you to use our Services. For more information on Facebook ads, please refer to the Facebook ads basic and Facebook Data Policy.

Messengers. You can use our Service with various messengers, namely Kik, Skype and Telegram. By doing so, your data processing is governed by each messenger's individual privacy policy. You will need to accept the terms of the relevant privacy policy when registering for their service, so please read this carefully.

Skype. The Your.MD chatbot on Skype is enabled by the Microsoft Bot Framework. As a service provider, Microsoft will transmit content you provide to our chatbot/service to enable our Services. Our chatbot will have access to your Skype Name (the username you created when you first joined Skype, personal data you used for authentication) and any chat messages or content that you share. Please refer to the Microsoft Privacy Statement for more information. Your interactions with our chatbot are subject to Skype's terms of use, privacy, and data collection policies. Please refer to the Skype IP, Data Protection and Privacy and Skype Connect Terms for more information.

To protect your privacy rights and control the data processing we have entered into Microsoft Online Services Terms. This includes Microsoft's core privacy and security commitments, data processing terms, Model Clauses, and GDPR terms.

Free Basics Platform. We have integrated our Services with Free Basics to enable you to access our Services where internet access may be less affordable. You will be able to engage with our chatbot and find health information by reading articles. Free Basics by Facebook offers access to websites and third-party services free of charge. You can find our Services here. Or to learn more about Free Basics and how it works, visit Free Basics. Please refer to the Privacy on Free Basics for further information.

ONESTOP HEALTH™ PROVIDERS

Addicaid, AIDE, Akira, Altbibbi, Ask The Midwife,AugmentCare, Antidote, BetterPT, BigWhiteWall, Bisa, Braive, Brook, CCBT, Cera, ConnectMed, Daily Yoga, Doctor Care Anywhere, Doctify, Doctor Insta, Doctor On Call, Doc2Us, Dr. Morton's, Echo, Eyr Medical, First Derm, Firstcheck, GetDoc, GPDQ, Hay Fever Relief, HelloDoctor, HelloDoctor Ethiopia, healthexpress, InnerHour, KRY, KingFit, Knok, Lark, Life Circle, London Osteoporosis Clinic, Marie Stopes International, MDalgorithms – MDAcne, MedicSpot, MedGrocer, Mimi, Minds for life,MyHouseCall,MyLab,MyMeds, My Pocket Doctor, mySugr, National Migraine Centre, NHS Choices, Obino, PAPYRUS, PayAsUGym, Pacify,Pliro, Portea, Project Red Ribbon, Pzizz, Sehat, Sexwise, Siha Health, SH:24, Slide safe, Smoke Free App, Supercarers, TB Alert, The Pip, Thriva, Urban Massage, VIDA, WellaHealth, West Africa Aids Foundation, Zennya, ZoomDoc, 1mg.

COMMUNICATION PROVIDERS

We use third-party services for our internal communications and communication with external partners, namely:

Skype www.skype.com/en/, https://www.skype.com/en/legal/,

Slack https://slack.com/,https://slack.com/privacy-policy,

Google Hangouts https://hangouts.google.com/, https://policies.google.com/privacy?gl=SI&hl=en-GB,

Gmail https://www.google.com/gmail,https://policies.google.com/privacy?gl=SI&hl=en-GB.

We do not share directly identifiable personal data with these services.

MANAGING PROJECTS, HOSTING, SOFTWARE DEVELOPMENT AND CLOUD STORAGE

Gatsby https://www.gatsbyjs.org/,

Github https://github.com/, https://help.github.com/articles/github-privacy-statement/,

Trello https://trello.com/en, https://trello.com/privacy?truid=trd2c0ae-6aa2-0b90-4a85-b5288442e268

Zeplin https://zeplin.io/, https://zeplin.io/privacy,

Jira https://www.atlassian.com/, https://www.atlassian.com/legal/privacy-policy,

Google drive www.google.com/drive/, https://policies.google.com/privacy?hl=en&gl=US

Dropbox https://www.dropbox.com/privacy2016,

Tableau https://www.tableau.com/tos, https://www.tableau.com/privacy

ANALYTICS PROVIDERS

With the help of analytics providers, we collect Analytical Information to help us improve our Services for you. We chose our providers carefully and set the most restrictive controls available to ensure they do not use your data for any purpose other than providing services to us.

Google Analytics for Firebase

Google Analytics for Firebase (GAF) allows us to collect data on how our apps are used, as described under 'Analytical Information' in section 3 of this policy. When you install our app, GAF collects the following data: unique identifiers, browser type and settings, operating system, mobile network information, IP Address (which is anonymised before any storage or processing takes place), crash reports, device identifiers, and an pp instance identifier — a randomly generated number that identifies a unique installation of our app. We use Analytical Information to improve and personalise our apps.

To learn more about how GAF processes your data, please refer to the following: Google Analytics for Firebase Use Policy, Information for Visitors of Sites and Apps Using Google Analytics, How Google uses information from sites or apps that use their services, and Terms of Service for Firebase Services.

Google BigQuery We can draw and analyse data from GAF using Google BigQuery. For more information, please see Google Service Specific Terms. We use Tableau Software for graphic visualisations of the data extracted from Firebase Analytics and BigQuery. For more information, please see the Tableau Software Privacy Policy.

Google Optimise is used with GAF data to quickly and easily identify areas of our App which require improvement. We use this service to provide A/B tests, and to see which flow or design works best from a user perspective. We do this by splitting users into test or control groups to see which performs best. Visit Google Optimise for more information.

AWS Analytics does not access or use your data for any purpose other than to provide services to us, as legally required, and to maintain AWS services. Strong encryption of your data is in place. You can refer to the AWS Privacy Notice for more information. Please note, AWS Analytics is only used in our iOS App.

Google Analytics (GA) is usedon our Site and Web App. When you visit the Web App or our Site, your web browser automatically sends your IP address and information on how you use the Service to GA. Processing is based on a GA-created browser ID by using cookies. GA uses IP addresses to provide and protect the security of the service, and for us to know the country you use our Services in. GA anonymises the IP address before any storage or processing takes place by obfuscating the last few digits. Please refer to the IP Anonymisation in Analytics. GA processes the data based on a GA identifier called Client ID, which is stored in a cookie. Identifiers such as cookies and GA user IDs measure and report statistics about your interactions on our Site and/or Web App. GA stores cookies on your device to keep track of how you use our Site/Web App statistics without personally identifying you. We use the data collected by GA to improve the quality of our Site and Web App and to analyse Site/Web App usage. For more information, please read How Google uses cookies. Google has an EU Privacy Shield certificate and uses Standard ISO 27001 security measures. For more information on operational security and disaster recovery, please visit: How Google analytics secures your web traffic and Safeguarding your data. For general information, please read the following: How Google uses information from sites or apps that use their services, Safeguarding your data and the Google Privacy Policy.

AppsFlyer provides a software development kit which allows the tracking of mobile application use, installations and downloads. It helps determine where the user came from (for example, Facebook, Google Ads, organic user) so we can track and analyse your characteristics and activities. To do this, we may upload some of your data to the AppsFlyerplatform and servers. Please refer to the AppsFlyer Privacy Policy for information on how AppsFlyer processes your data.

Fabric is a business division of Google Inc. and we use their Fabric Crashlytics for crash reporting and beta testing of our mobile App. It helps us understand our App by tracking information about how publicly-released and beta versions of our App are functioning. For more information, please refer to Crashlytics Privacy Policy, Fabric Privacy and Security and the Google Privacy Policy.

Facebook Pixel is an analytics tool that allows us to measure the effectiveness of our advertising by understanding the actions you take on our Site. We have placed a pixel code on the header of our Site so that when you visit our Site and take an action (such as clicking on the Web App), the Facebook pixel is triggered and reports this action. We then know when you take an action and will be able to reach you again in future through targeted Facebook ads. With Facebook Pixel we relay conversions back to Facebook which enables retargeting. For more information, please read the Facebook Data Policy and visit The Facebook pixel.

PRESS RELEASE

We use a third-party provider called Totem for the site's press page. When you click through to the Press section of our site, you can choose between different articles. By clicking the link you will be redirected to a third-party site. Please be aware that by doing so, the processing of your data will be governed by their own privacy policies.

TESTER PROGRAM

Lookback. If you decide to participate in User Tests, this will be performed via Lookback Platform. In its provision of services, Lookback may collect Recording information, such as image appearance and audio captured by microphone and Onboarding Information, such as name and email address. For more information, please read Lookback Privacy Policy.

LAWFUL PURPOSES

Your data will be disclosed only when necessary for lawful purposes, our legal obligations and rights as stated herein, and will be limited to such purposes: a) if required by law, for example to comply with a court order, subpoena, regulation, legal process or other governmental request b) to exercise or protect the rights, property or personal safety of our company, our users or others c) to enforce this privacy statement, including investigation of potential violations d) upon fulfilling legal requirements of local legislation to supply certain services a third-party might legally request from us e) to detect, prevent, or otherwise address fraud, security, or technical issues f) if we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified of any change in ownership or uses of your data g) to respond to claims that any content published within our Services or our Services violate any right of a third-party.

How long do we keep your data

We follow generally accepted industry standards and internal procedures to protect the data submitted to us during transmission, storing, and processing. We store your data for as long as is needed to provide our Services.We may store it for longer, but only in a way that it cannot be tracked back to you. We delete all personally identifiable data we have about you within 30 days of receiving your data deletion request. Please make sure you request a copy of your data before you ask to delete your data, as your data will not be retrievable afterwards.

We delete the logs we keep of the IP addresses you have used after approximately six months. When the data is no longer needed, we delete it using reasonable measures to protect the information from unauthorised access or use. Any information you send to care@your.md and/or privacy@your.md will be deleted as soon as we respond to your enquiry and/or the information is no longer needed.