Mobile privacy statement

Version 1 March 2021

The privacy of all of our Users (staff) is very important to us (the Trust). When you, as an App-user, use the Service the App-Publisher (Microsoft Azure) process your Personal Data. This Privacy Statement describes how we safeguard and process your Personal Data. We recommend you to read it carefully.

1. What is stated in this Privacy Statement?

Parties inform you in this Privacy Statement about:

– The kinds of Personal Data processed;
– Permissions;
– The purposes for which Personal Data is processed;
– Where the Personal Data are processed;
– The security measures in place to protect Personal Data;
– Limits of responsibility concerning third parties;
– Viewing, changing and deleting your Personal Data;
– Changes to this Privacy Statement;
– What to do if you have any questions or remarks.

2. The kinds of Personal Data processed

A. Personal Data by using our Service

In order to improve the Service, we use anonymous Data. This information will not go public through the Service.

B. Automatically generated information

Like most other websites and online services, the App gathers and process automatically generated information about how you use the App. The information gathered includes your IP-address and/or an unique device ID.

If you specifically opt-in, the App may collect your geo-location information. In any event, you can block geo-location collection trough the settings of your mobile device.

If you specifically opt-in to permit access and collection of information from your social network account, then your basic personal information in your social network account will be collected (such as your name and email address) as well as your social network user id (but not your password) and parameters related
to the posts you shared through the App. Please refer to the social network’s privacy policy for more details on how you can set the privacy preferences of your account to control the information that may be accessed and retrieved.

This also occurs with regard to the automatically generated information about how you use the App This kind of information helps us to better understand how the App is used, and how we can improve the Service to suit the need of you as an user. If you enable the user authorisation features inside the App, the following additional information will be stored:

• Name;
• Email address;
• Age range (optional);
• Gender (optional);
• Phone number (optional);
• Additional profile information returned by an external provider such as Facebook or LinkedIn.

To provide the App-owner (the Trust) with information about the usage of the app we are also collecting the following (anonymous) information:
• The moment you open the app;
• The blocks you’ve opened inside the app and the amount of time you’ve spend in this block;
• Actions such as music playback, opening urls etc.
• The moment you leave the app;

Note: if the user authorisation features are enabled we can link the anonymous information to you once you login.

C. Specific information

We may ask you to engage in certain activities via the App, such as for example loyalty-card, newsletters, advertising, however we will not ask for any personal information.

3. Permissions

In general and for specific functionality built in the App, our service ask for Permissions. These Permissions are asked from the App user when the App is downloaded from the store and / or when a specific functionality is used.

4. The purposes for which Personal Data is processed

A. Purposes

Parties processes Personal Data for the following purposes:

– to enable you to use the Service;
– to keep you updated with relevant information about our Service;
– to improve and/or customise the Service;
– to identity you/or customise the Service;

– to identify you and to prevent fraud;
– to provide support;
– to pass your Personal Data to third parties, if you requested us to do so or if we are legally obliged to do so.

B. Transmission of Personal Data to third parties

We do not sell, trade, or rent your Personal Data to third parties without your prior consent.

We may provide “aggregated anonymous data” about the usage of the Service to third parties for such purposes as well, as it deems to be appropriate. “Aggregated anonymous data” is data that cannot be traced back to you and which therefore does not count as Personal Data. For instance, we may use aggregated anonymous data to better understand how Users use the Service.

In the event that we are transferred to a third party, or that we merge with a third party, or undergoes a re-organisation, your Personal Data may also be disclosed and/or transferred to that third party. This third party will have the right to continue to use Personal Data and other information that you provided to us.

We may disclose your Personal Data where it is believed, in good faith, that it is necessary to comply with a court order, ongoing judicial proceeding, criminal or civil subpoena, or other legal process or request by law enforcement authorities or to exercise its legal rights or defend itself against legal claims.

5. Where are the Personal Data processed?

The Service is provided by using hosting services of Microsoft Azure, in the US Area. The
Personal Data processed by App-publisher may be transferred to, and stored on, servers maintained by Microsoft Azure located in or outside a country in the UK such as the United States of America.

Microsoft adheres to the principles of the EU-U.S. and Swiss-U.S. Privacy Shield frameworks, although Microsoft does not rely on the EU-U.S. Privacy Shield Framework as a legal basis for transfers of personal data in light of the judgment of the Court of Justice of the EU in Case C-311/18.

You agree to this transfer and processing outside the UK. App-publisher will take all steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this privacy policy. For more information about Microsoft Azure and the EU-US Privacy Shield look at https://privacy.microsoft.com/en-GB/privacystatement.

6. What security measures are in place to protect Personal Data?

The security of your data and that of other Users is very important to us. We have implemented technical and organisational measures to protect your Personal Data against loss or any form of unlawful processing. We implemented the following measures: protection of our servers by firewalls, SSL connections and encryption of sensitive data. This list is not exhaustive.

7. Limits of responsibility concerning third parties

Our Service may contain services and products offered by third parties, and/or hyperlinks to the websites or services of partners, advertisers and other third parties.

We the Trust have no control or influence over the content, websites, or services of these third parties. Different privacy policies may apply to the use of third-party websites and services. This Privacy Statement only relates to Data which have been obtained by the Trust through your use of the ‘the App’ for its own purposes. We the Trust do not accept any responsibility or liability for the content, practices or operation of third-party websites and services.

8. Viewing and deleting Personal Data

You may send a request to access or delete the personal information collected through your use of the App, by contacting us via email. You may be asked to provide additional information to verify your identity.
Is can be done by emailing nlg-tr.hrhelpline@nhs.net.

9. Children’s privacy

Personal information about children is not knowingly or intentionally collected.

10. Security

Measures are implemented to secure your personal information, to minimise the risks of damage, loss of information and unauthorised access or use of information. However, these measures are unable to provide absolute information security. Therefore, although efforts are made to secure your personal information, it is not guaranteed and you cannot reasonably expect that the App and its related databases will be immune from any wrongdoings, malfunctions, unauthorised interceptions or access, or other kinds of abuse and misuse.

11. Changes to this Privacy Statement

This Statement may be updated at any time. Parties will publish any updated version of the Privacy Statement via the Service. Parties encourage you to check this page from time to time to be aware of any changes to this Privacy Statement and to stay informed about how parties protect your Personal Data. You acknowledge and agree that it is your responsibility to review this Privacy Statement periodically and familiarise yourself with any updates.

You agree to be bound by any of the changes made to this Statement. Your continued use of the App after the changed take effect will indicate your acceptance of the amended Statement. If you do not agree with the amended Statement, you must uninstall the App and avoid any further use of it.

12. What to do if you have any questions or remarks

If you have any questions or remarks about this Privacy Statement, please contact us by sending an email to the nlg-tr.dataprotection@nhs.net.

This Privacy and Cookie Statement was last updated: March 2021