PRIVACY POLICY

Effective from 12/03/2020.

Privacy policy statement

This privacy statement applies to the website, apps and services available from:

www.hashealth.com

Email: info@hashealth.com

At www.hashealth.com we fully respect your privacy and we will not collect any personal information on this website without your consent. It is our priority to protect your data. This is why we have taken the time to describe our information handling practices in detail. Please take the time to review this document, if you find anything that is not clear, please feel free to contact us at info@hashealth.com.

Personal Information we collect

Information you provide

We may collect personal information from you when you apply for one of the services which is offered by your healthcare professional, this may be via an online questionnaire, a video consultation, a follow up question, a telephone call, an email or other means. It is sometimes necessary for us to collect sensitive data (such as medical information) relating to you so that the medical team can make an clinical decision if the service (and treatment) is safe and suitable for you. We collect your email and mobile number so that our team can contact you if required.

If payment is required we collect information that includes your payment information, such as your credit or debit card details and other account and authentication information. Any credit card information you provide is collected and processed directly by our payment processor, which is currently Stripe. We will never receive or store your credit card information on our servers. Stripe commits to complying with the Payment Card Industry Data Security Standard (PCI-DSS). You can view the Stripe Privacy Policy here https://stripe.com/us/checkout/legal.

Should you contact us by any electronic format, including Web Chat, www.hashealth.com application messages, phone, email or post or by any other method – we may hold the content, contact details and any additional information you provide to us on record for future reference and use by www.hashealth.com. If you give us your credit card details then we will process payments using Secure Sockets Layer (SSL) security but we will not keep a record of your card details on our servers.

Device and network information

When you use our apps or website we collect information about the app, browsers and devices that you use to access www.hashealth.com services. The information that we collect may include unique identifiers, browser type and settings, device type and settings, operating system and application version number. We also collect information about the interaction of you and your browsers and devices with our services, including IP address, crash reports, system activity, and the date, time and referrer URL of your request.

Use of Personal Information

We use your personal information (subject to your consent choices) as described below and to provide and support the services described in the HasHealth terms and conditions.

Provide you with our service

We use the information you provide as part of your online consultation so that the medical team can make an clinical decision if the service (treatment) is safe and suitable for you.

We may use the information you provide as input into our clinical decision support system to assist your clinician in their decision making process. It should be noted that the decision to determine if the service and associated treatment is safe and suitable for you is decided by the medical team.

Communicate with you

We may use email and SMS to communicate with you about notifications such as an upcoming appointment, this contact method is decided by your clinician or their staff.

When you contact us, we use this information to respond to you. This may be via web chats, application messages, telephone, email or post or by any other method.

Marketing

If you consent to marketing, we use your information to keep you informed about our service (such as when we release new services or products). We only contact you with these offers a few times a year and you can always opt-out if you change your mind at any time.

Research and Development

To improve our service and help us make better decisions, we analyse personal data to find improvements and make clinicians aware of risks.

How long do we hold your data (Data Retention Policy)

We store data until it is no longer necessary to provide our services, comply with legislation / guidelines, or until your account is deleted.

Who has access to the information we collect?

We do not share your identifiable personal information with any third party except as necessary to operate services and to fulfil legal and regulatory obligations.

HasHealth team

Patient care is team based and access to your information is crucial for your safety and continuity of care. The sharing of information within the HasHealth team is on a need-to-know basis, depending on the role the member of staff has in your care.

All our staff are bound by confidentiality clause in their contracts. Also, under Medical Council guidance, it is a condition of registration to abide by the guidance set out by the Medical Council, which includes a requirement to respect patient confidentiality.

Disclosure with your consent

Disclosure can be made with your explicit consent. This could be a request from an Insurance company, employer or legal proceedings request but any disclosure must be with, and limited to, the authority provided by you. If this is not forthcoming, no information will be provided.

Disclosure without your consent

Disclosure can be made without your consent in two instances:

  • If the disclosure is required by law. For example, when ordered by a judge in a court of law, or by a tribunal or body established by an Act of the Oireachtas.
  • If the disclosure is in the public interest. For example, where mandated by infectious disease regulations, or there is a threat of serious harm to yourself or others.

Third Party Services

We require a number of third parties to deliver our service. Without these, we cannot provide you with a service. These include all the companies and services listed:

Name Service Data Controller/ Data Processor Description Privacy URL
Microsoft Azure Data Processor Cloud based hosting and services https://privacy.microsoft.com/en-us/privacystatement
Amazon Amazon Web Services (AWS) Data Processor Cloud based hosting and services https://aws.amazon.com/privacy/
Google Google Analytics Data Processor User analytics tracking https://policies.google.com/privacy
Rapid7 Logentries Data Processor Log management and analytics https://www.rapid7.com/privacy-policy
Google Fabric Data Processor App deployment and analytics https://policies.google.com/privacy
New Relic New Relic Data Processor Application and server analytics and reporting https://newrelic.com/termsandconditions/privacy
AggSignal AppSignal Data Processor Application and server analytics and reporting https://appsignal.com/privacy-policy
Blueface Blueface Data Processor Telephony services https://www.blueface.com/privacy-policy/
SMSAPI SMS Data Processor SMS delivery service https://www.smsapi.com/en/privacy
Google G Suite Data Processor Productivity and collaborations tools https://policies.google.com/privacy
Flowmailer Email Data Processor Email delivery service https://flowmailer.com/en/resources/l/privacy-policy
Freshworks Freshdesk Data Processor Help desk software provider https://www.freshworks.com/privacy/
Vonage Video Data Processor Cloud based service provider for video https://www.vonage.com/legal/privacy-policy/
Stripe Stripe Data Controller and Processor Online payment processing https://stripe.com/ie/privacy
MaxMind MaxMind Data Processor IP Geolocation and Online Fraud Prevention https://www.maxmind.com/en/privacy_policy
Wistia Wistia Data Processor Video hosting and analytics provider https://wistia.com/privacy

How is your Information Secured and Protected?

We have technologies and procedures in place to protect your personal information. However, emails you send us are not necessarily secure when they are transmitted to us and we can accept no liability for any loss or damage resulting from emails to www.hashealth.com .

For every third party service that we use, we have a Data Processing Agreement with that service provider and check that processing complies with the related legislation.

Telephone Recording

We may record telephone calls for training and verification purposes.

How to Access and Update your Information?

In line with the Data Protection Acts, you have the right of access to any personal information about you You also have the right to require us to correct any inaccuracies in the information we hold about you by sending us a written request (this must include a copy of identification such as a driver’s licence or passport, this is to make sure that your personal information is only updated by you).

Subject access requests must be made in writing and include a copy of identification (such as driver licence or passport, this is to make sure that your personal information is not given to the wrong person) and must be addressed to the Data Protection Officer (see below). All access requests will be processed within one month on receipt of the access request.

Account deactivation, deletion and erasure

Once your account is deleted you will not be able to use our service and if you change your mind you will have to re-register.

Deactivation of your account means you will not be able to use our service and if you change your mind, you will have to contact support at info@hashealth.com to reactivate your account.

Changes to this Statement

We may occasionally update this Privacy Statement. We encourage you to periodically review this Statement to stay informed about how we are helping to protect the personal information we collect. Your continued use of this service constitutes your agreement to this Privacy Statement and any updates.

How to contact HasHealth with questions

The data controller responsible for your information is Webdoctor Ltd T/A Nua Solutions, which you can contact at info@hashealth.com (subject “FAO DPO”) or by post at:

Data Protection Officer
Webdoctor Ltd T/A Nua Solutions
20 Knockmeenagh Road
Dublin 22
Ireland