PRIVACY POLICY

Managed Self Ltd (“we”, “us”, “our”, “Klarity”), a company registered in England & Wales with company number 10696687 with registered offices at

Klarity / Managed Self Ltd

Alum House

5 Alum Chine Road

Westbourne Bournemouth

BH4 8DT

Managed Self Ltd (“we”, “us”, “our”, “Klarity”), a company registered in England & Wales with company number 10696687 with registered offices at
Klarity / Managed Self Ltd
Alum House
5 Alum Chine Road
Westbourne Bournemouth
BH4 8DT

We are committed to protecting and respecting your privacy. We are a data controller under UK law. This means we are responsible for determining the purposes for which and the manner in which your personal information provided to us is processed.

Personal information means information that identifies you personally such as your name or contact details, or data that can be linked with such information in order to identify you.

Please note that we interact with other third parties and in some cases we are simply processing your personal information on their behalf. Such third parties may also be data controllers in their own right and have their own privacy policies.

This Privacy Policy sets out the basis on which any personal information we collect from you, or that you provide to us or that is provided to us by other third parties will be processed by us. Please read this Privacy Policy carefully to understand our practices regarding your personal information and how we will treat it.

WHAT PERSONAL INFORMATION DO WE COLLECT AND HOW DO WE COLLECT IT?

You may give us information about you by entering information on our app which can be downloaded via the major app stores (Klarity App) or our website, which can be found at www.klarity.health (Website); allowing us access to data about you held by third parties; filling in forms; or by corresponding with us by phone, e-mail or otherwise. You may also give us information, and we may collect and process information about you resulting from, any interactions you undertake or services you request or source from us.

It will be clear at the time what personal information we are requesting from you. If you do not provide the personal information necessary or withdraw your consent for the processing of your personal information, where this information is necessary for us to provide the relevant risk management health solution services (Services) to you, we will not be able to provide these Services to you. You don’t have to provide data and can simply choose to stop using the Klarity App or our additional Services.

Each time you use the Klarity App we may automatically collect the following information:

  • Technical information, including (but not limited to) the type of device you use, a unique device identifier, mobile network information, your mobile operating system, and time zone setting.
  • Information either accessed through your device or stored on your device which you have explicitly consented to sharing, and the providence of that data including the device used to collect that data, time, date; and location as reported by the device’s inbuilt GPS capability; and details of your use of the Klarity App and our and our Services.

We will collect the following information to set up your account and security profile, and administer and maintain your account, including for any technical updates to or technical support for the Klarity App:

  • Your basic account profile information, including your name, email address, telephone number, date of birth, and gender.
  • Details of any support queries that you raise about technical issues you are experiencing with the application for which your email will be required to process your query.
  • The passcode which you use to login to the Klarity App.

Sharing feature – other than your name and email address, people you have shared your data with via the sharing feature will only be able to see the information you have chosen to share with them. They will not be able to see or access your security information and other information you choose to withhold. You can at all times revoke access to information that they have access to.

We may also receive information about you from third parties to facilitate provision of applicable Services. This may include information provided from your GP or other healthcare provider such as your name, NHS number and relevant contact details as well as sensitive information about you including your medical records. They provide such data to us to enable us to provide the Services to you and only where you have requested the provision of such data.

HOW DO WE USE YOUR PERSONAL INFORMATION?

Klarity will process your personal information:

  1. To provide services to you or where we have a contract with you:
    • To register you for our applicable Services and manage your account and to administer and run our business.
    • To provide you with applicable Services and to ensure that the Klarity App and website presents the correct version and data for your device.
    • To update you on any developments or information about applicable Services. These are strictly service related communications and do not include marketing.
    • To allow us to investigate and resolve queries, questions and complaints that affects your use of our Services. Any personal information you submit to us via the Klarity App or Website, or that is provided to us by other means, is generally required for providing relevant Services to you.
  2. Where we have a legal obligation:

To make disclosures as required by or in compliance with reasonable requests by regulatory bodies or as otherwise required by law or regulation.

  1. Where it is in our legitimate interest:
    • To review and enhance the quality of our Services and products through details of your use of the Klarity App and Website and applicable Services. This is in our legitimate interest to ensure we continue to improve the Services we provide to our customers.
    • To allow us respond to general enquiries and feedback from you. This is in our legitimate interest in providing a responsive service to customers.
    • For internal operations, including analysis and reports, troubleshooting, detection of fraud, log data analysis, testing, security, audit and statistical purposes. This is in our legitimate interest to protect our business interests and assess and improve our business effectiveness.

To maintain a suppression list should you opt-out of receiving communications. This is in our legitimate interest to ensure that we are not at risk of breaching data protection laws by communicating with you where you have asked us not to.

    • For internal operations, including analysis and reports, troubleshooting, detection of fraud, log data analysis, testing, security, audit and statistical purposes. This is in our legitimate interest to protect our business interests and assess and improve our business effectiveness.
    • To establish, exercise and defend our legal rights which is in our legitimate interest.

Where we rely on legitimate interest as a ground for processing your personal information, we carry out an internal assessment to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests, before we go ahead with such processing.
We keep a record of these internal assessments. You have a right to the information contained in these balancing tests on request and can find out more by contacting us using the details below.

  1. Where we have your explicit consent:

Where we rely on legitimate interest as a ground for processing your personal information, we carry out an internal assessment to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests, before we go ahead with such processing.
We keep a record of these internal assessments. You have a right to the information contained in these balancing tests on request and can find out more by contacting us using the details below.

  1. Recommendations and Personalisation:

We will use your personal information to recommend content, products and services that might be of interest to you, identify your preferences, and personalise your experience with Klarity. Where any of the personal information we use contains sensitive information, in addition to the above, where this data is received from third parties we rely on the lawful basis of third party data provider to use such data for recommending health and wellbeing products and services.If you choose to use our health score, chronic disease risk assessment and associated functionality you consent to us analysing your data in order to conduct analysis and research into improving health and wellness for everyone. In return you will receive the benefits of that research in the form of improved information. We will contact you with opportunities to share your data for the benefit of population health and medical research. We will create a profile of you based on your use of our application, conditions, symptoms, treatment, medications, vaccinations and measurements, for use (but only where we consider that these complement, interface or align with or are relevant to, your use of the Klarity App and your profile), as follows:

  • To provide you with a health score based on the data in your profile and in some cases also based on your answers to additional questions, data points or external data.
  • To send you content, articles, paper and information.
  • To share insights from our own analysis and research where we consider that these complement, interface or align with or are relevant to, you, your use of the Klarity App and your profile.
  • To analyse the data you provide alongside that of others who have opted in, for the purposes of research.
  • To tell you about other mobile apps, or devices, products and services relating to the management, measurement, monitoring, diagnostics, testing and care of the relevant health or medical condition or stated wellbeing. They may be those of Managed Self Limited; its affiliate companies; or third parties selected by Managed Self Limited. Your visit will be according to the terms and conditions and privacy policy for their website so please read these carefully.
  • Contact you with opportunities to share your data for the benefit of population health and medical research, It will always be your choice whether to take part or not.

WHEN WILL WE SHARE YOUR PERSONAL INFORMATION?

Information about our customers is an important part of our business and we are not in the business of selling our customers personal information to others. We share personal information only as described below:

  • Transactions Involving Third Parties: We make available to you services, software, and content provided by third parties for use on or through the Klarity App or website. Your consent is required before we share any of your personal information with a third party.
  • Third-party service providers: We employ other companies and individuals to perform functions on our behalf. Examples include sending communications, processing payments, analysing data, identity verification, providing marketing and sales assistance and conducting customer relationship management. These third party service providers may have access to personal information needed to perform their functions but may not use it for other purposes. Further, they must process that information in accordance with this Privacy Policy and as permitted by applicable data protection law.
  • Protection of us and others: We release account and other personal information when we believe release is appropriate to comply with the law, enforce or apply our terms and other agreements, or protect the rights, property, or security of Klarity, our customers, or others.
  • At your choice: Other than as set out above, you decide when to share information with third parties, without your consent information is never shared.

We will not:

  • Give or sell your personal or sensitive data to anyone else, without your specific consent.
  • Give any third party direct real-time access to your data. We do not provide access into our system from outside, unless you have explicitly consented to share your data with a third party.
  • Share tracking IDs or cookies with advertisers, insurance companies, or any other third parties.

HOW DO WE STORE YOUR PERSONAL INFORMATION?

We will store your personal information within our infrastructure using one or more Third-Party Service Providers, which are all located in the UK or EU. All data will be encrypted when being transferred.
Your data may be transferred outside of the UK or EU, for example, if we use a cloud service that has host servers located in another country. If your data is transferred outside of the UK or EU, it is done so under contract, which states how those companies or individuals must keep your data safe.
We take all steps reasonably necessary to ensure that your data is treated securely through strict procedures and security features to prevent unauthorised access to your personal information. Please contact us if you would like further information on the specific mechanism used by us when transferring your personal information out of the UK or EU.

HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?

We will retain your personal information for as long as needed to fulfil the purposes of providing our Services to you or for a period specifically required by applicable regulations or laws. For example, where you are registered for any of our Services, we generally keep your personal information for the duration of time you utilise that Service.
When determining the relevant retention periods, we will consider factors including:

  • Our contractual obligations and rights in relation to the information involved.
  • Legal obligation(s) under applicable law to retain data for a certain period of time.
  • Statute of limitations under applicable law(s).
  • our legitimate interests where we have carried out balancing tests (see section on “How do we use your information” above).
  • (Potential) disputes; and guidelines issued by relevant data protection.

Otherwise, we securely erase or anonymise your personal information where we no longer require your information for the purposes collected. Any third parties that we engage will keep your data on their systems for as long as is necessary to provide the relevant services to you or us. If we end our relationship with any third-party providers, we will make sure they securely delete or return your personal information to us.
Klarity provides preventative health solutions for individuals to better understand and manage their own health. The variables we get from the Health Connect (Blood Pressure Record, Exercise Session Record, Height Record, Resting Heart Rate Record, Sleep Session Record, Steps Record, Weight Record) are used as part of our health risk assessment and are used in combination with self reported data to feed our AI-led risk prediction model to provide insight and recommendations.

WHAT ABOUT THIRD PARTY SITES?

The Klarity App, Website and other Services we offermay contain linksto other independent third-party websites or mobile applications (“Third-party Sites”). Clicking on those links or enabling those connections may allow third partiesto collect orshare data about you.
These Third-party Sites are not under our control, and we are not responsible for and do not endorse their content or their privacy policies (if any). You will need to make your own independent judgement regarding your interaction with any Third-party Sites, including the purchase and use of any products or services accessible through them.

WHAT RIGHTS DO YOU HAVE?

By law, you have a number of rights (subject to certain conditions) when it comes to your information.
Further information and advice about your rights can be obtained from the data protection regulator in your country (in the UK this is the www.ico.org.uk. ICO). You can exercise any of these rights by contacting us through our details below.

  • The right to object to processing; you have the right to object to certain types of processing, including processing where we rely on our legitimate interest as a grounds for processing.
  • The right to be informed; you have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Privacy Policy.
  • The right of access; you have the right to obtain access to your information (if we’re processing it), and certain other information (similar to that provided in this Privacy Policy). This is so you’re aware and can check that we’re using your information in accordance with data protection law.
  • The right to rectification; you are entitled to have your information corrected if it is inaccurate or incomplete.
  • The right to erasure; this is also known as “the right to be forgotten” and, in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right to erasure, there are exceptions.
  • The right to restrict processing; you have rights to “block” or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be “blocked” to make sure the restriction is respected in future.
  • The right to data portability; you have rights to obtain and reuse your information for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability.
  • The right to lodge a complaint; you have the right to lodge a complaint about the way we handle or process your information with your national data protection regulator. See details of the UK data protection regulator in the contact us section below.
  • The right to withdraw consent; if you have given your consent to anything we do with your information, you have the right to withdraw your consent at any time (although if you do so,it does not mean that anything we have done with your information with your consent up to that point is unlawful). Note that such withdrawal in certain circumstance may mean we can no longer continue to provide the Services to you.

We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:

  • Baseless or excessive/repeated requests.
  • Further copies of the same information.

Alternatively, we may be entitled to refuse to act on the request. Please consider your request responsibly before submitting it. We will respond to all such requests within the time period required by law. Generally, this will be within one month from when we receive your request but, if the request is particularly complex and going to take longer to deal with, we will come back to you and let you know.

WEBSITE VISITORS

If you are only a visitor to the Website and have not subscribed to the Klarity App, then we will not usually ask you to provide any health, wellbeing or medical data. Please note that if you or someone on your behalf makes any public posts to message boards or social media about your health, wellbeing or medical circumstances, you will be regarded as having agreed to such publication.
However, we will collect the following:

  • Any queries that you raise with us, for instance you may submit a question by phone, email or otherwise to us about the Klarity App.
  • Any interactions that you have with us on any of our chosen social media platforms. For instance, you may decide to like our Facebook page or send us a tweet on Twitter.
  • All other information that you choose to provide us.

We may use the data that we collect about you in the following ways:

  • Respond to your queries that you submit through the Website or via any other communication medium such as email or letter.
  • Contact you about the launch of the Klarity App where you have registered an interest in hearing about this.
  • Help us to improve the Website, including its content, layout and navigation.
  • Analyse user traffic and other metrics relating to the use of the Website.
  • Technical information, including (but not limited to) the type of device you use, a unique device identifier, mobile network information, your mobile operating system, and time zone setting.

Klarity data protections mechanisms:

Access Control – Klarity implements access control mechanisms that restrict access to sensitive data to authorized individuals or systems. This includes user authentication, role-based access control, and permission management.

HTTPS Usage – Klarity is using HTTPS communication protocol that is encrypted with Transport Layer Security (TLS) protocol to provide secure communication over the internet by encrypting data transmitted between a client and server.

Secure Storage – Klarity is using storage encryption. Secure storage mechanisms protect data at rest, ensuring that sensitive data stored on servers or databases is encrypted and secure.

Data Lifecycle Management – Klarity data lifecycle management includes secure disposal of data when it is no longer needed, preventing unauthorized access to sensitive information.

CHANGES TO THIS PRIVACY POLICY

We update our Privacy Policy from time to time and any changes we may make to our Privacy Police in the future will be posted on the Klarity App and Website and, where appropriate, notified to you. The new terms may be displayed on-screen and you may be required to read and acknowledge them to continue your use of our Website and Services.

CONTACT US

If you have any questions, comments and requests regarding this Privacy Policy, please get in touch with us:

Klarity / Managed Self Ltd

Alum House

5 Alum Chine Road

Westbourne Bournemouth

BH4 8DT

Our email address is hello@getklarity.shop

If you are not satisfied with our response to a complaint you have made, or think we aren’t complying with data protection law, you can make a complaint to the UK data protection regulator – the Information Commissioner’s Office:

ICO
Wycliffe House
Water Lane, Wilmslow,
Cheshire SK9 5AF

Phone number: +0303 123 1113

Email: casework@ico.org.uk

Website: ico.org.uk/concerns/