Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the business, [Business name & other trading names].
- “you”, “the user” refer to the person(s) using this website.
- GDPR means General Data Protection Act.
- PECR means Privacy & Electronic Communications Regulation.
- ICO means Information Commissioner’s Office.
- Cookies mean small files stored on a users computer or device.
Key principles of GDPR:
Processing of your personal data
We take data security extremely seriously.
When you give us your data, you trust us to keep it secure and anonymised. Any personal or sensitive information we hold about you is protected by strong encryption and held in secure data centres.
Storing your data
We store all of your personal mental health data on secure servers. Mental Health data includes your some medical information (such as symptoms and treatment). Your data may be processed or stored via destinations outside the European Economic Area but always in accordance with data protection laws and subject to strict safeguards.
Protecting your data
We encrypt all data transmitted to and from the app, and use strict procedures and security features to try to prevent unauthorised access. Payments are processed via a third party payment provider that is fully compliant with Level 1 Payment Card Industry (PCI) data security standards.
Securing your data
We regularly test our servers to make sure our security controls are the best, and we work with industry-leading hosting partners to ensure our infrastructure is protected. Within the app, access to clinical records requires two factor authentication and robust audit processes are in place to ensure data is accessed securely and appropriately.
To keep your data protected, please:
Make sure you have a strong password
Change your password frequently
Keep your password safe
We want you to understand what data we collect and how we use it.
When you use Myndr, you give us access to your data. We want to be transparent about what we collect, and how we use it to make our range of digital mental health and wellness services work better.
How you interact with us
When you use our services – for example our AI services – we process and information you provide (such as the issues you are looking to work on, values and learning style). Over time Myndr Ltd will use the data to ensure the suggestions, content and other features are of the most relevance to you.
Data and the Myndr Ltd services
With your consent, we use data to build a better Myndr for all users – to make our services faster, smarter and more useful to you – so we can deliver better mental health and wellbeing support. When we use data to learn from, we always remove personal identifiers (such as your name, contact details and address) to ensure that your privacy is protected.
Data improves the performance of our artificial intelligence, which in turn will provide you and our users with a better service.
With your consent, data provides your doctor or chosen professional support with more information to help them give you with the best care possible. For example, when you track your mood over time, they will receive details of your interactions and mood patterns.
Who we share your data with:
We use a number of service providers who act as data processors on our behalf. They are bound by strict confidentiality and data security provisions, and can only use your data in the ways specified by us.
Medical services providers
Where necessary, we’ll share your information with other medical services providers – for example NHS bodies, your doctor, hospitals and emergency services. This will always been done anonymously and only used to better advise on new invention and policies for mental health and well being. Only in the event that you break Myndr Ltd’s Terms of Service will you waive your right to remain anonymous.
Insurance or Employment companies
If your Myndr access is funded by an insurance provider or Employer, we will share anonymised data with them to better aid in creating a safe and productive work environment. This will only be done with your explicit consent.
Putting you in charge of your data
We put you in change of your data through our privacy control centre which can be accessed via our platform.
Control your privacy settings
We are developing the Myndr platform to give you quick access to your privacy preferences from one location. You’ll be able to manage your personal information and opt out of Myndr Ltd learning from your data at any time.
Discover what we know about you
You can access most of your data via our platform.
Your individual rights
Under the GDPR your rights are as follows. You can read more about your rights in details here;
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
We handle subject access requests in accordance with the GDPR.
Some cookies are required to enjoy and use the full functionality of this website.
Cookies that we use are;
- First-party cookies which collects page views and analytics.
- Secure Cookies to facilitate safer transactions during online payments
- Persistent Cookies so that you do not lose data in the event of a browser close.
Data security and protection
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
Fair & Transparent Privacy Explained
We have provided some further explanations about user privacy and the way we use this website to help promote a transparent and honest user privacy methodology.
Sponsored links, affiliate tracking & commissions
Clicking on any adverts, sponsored or affiliate links may track your actions by using a cookie saved to your device. You can read more about cookies on this website above. Your actions are usually recorded as a referral from our website by this cookie. In most cases we earn a very small commission from the advertiser or advertising partner, at no cost to you, whether you make a purchase on their website or not.
We use advertising partners in these ways to help generate an income from the website, which allows us to continue our work and provide you with the best overall experience and valued information.
If you have any concerns about this we suggest you do not click on any adverts, sponsored or affiliate links found throughout the website.
Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal date” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, you can also unsubscribe from all MailChimp lists, by following this link, otherwise contact the EMS provider.
Our EMS provider is; Mailchimp. We hold the following information about you within our EMS system;
- Email address
- I.P address
- Subscription time & date
Resources & further information
- Overview of the GDPR – General Data Protection Regulation
- Data Protection Act 2018
- Privacy and Electronic Communications Regulations 2003
- The Guide to the PECR 2003
- Small business GDPR policy template
If you have any questions please direct them to email@example.com