Privacy Policy
Intercept Health App
Effective date: 19th day of September 2022
Intercept app (the “App”) is operated by National Institute for Prevention and Cardiovascular Health (NIPC). The National Institute for Prevention and Cardiovascular Health is the data controller and can be contacted at:
NIPC, Croí Heart and Stroke Centre, Moyola Lane, Newcastle, Galway. Ireland
info@nipc.ie(+353) 091-893299
www.nipc.ie
Purpose
The purpose of this privacy policy (this “Privacy Policy”) is to inform users of our App of the following:
This Privacy Policy applies in addition to the terms and conditions of our App.
GDPR
For users in Ireland, we adhere to the Regulation (European Union) 2016/679 of the European Parliament and of the Council of 27 April 2016, known as the General Data Protection Regulation (the “GDPR”).
Consent
By using our App users agree that they consent to:
When the legal basis for us processing your personal data is that you have provided your consent to that processing, you may withdraw your consent at any time. If you withdraw your consent, it will not make processing which we completed before you withdrew your consent unlawful.
You can withdraw your consent by: Contacting the NIPC Data Protection Officer, Lizanne Dunleavy, lizanne@croi.ie.
About Intercept
The INTERCEPT app aims to improve secondary prevention in post-acute coronary syndrome patients (ACS).
The intervention includes two components
The objective is to provide a patient centred, package of care that is integrated, structured and seamless to ensure a smooth transition from hospital to home, with evidence-based support to achieve recommended lifestyle, medical and therapeutic goals. A second objective is to improve uptake and adherence with traditional Cardiac Rehabilitation (CR) programmes among these post-acute ACS patients.
Legal Basis for Processing
We collect and process personal data about users in the EU only when we have a legal basis for doing so under Article 6 of the GDPR.
We rely on the following legal bases to collect and process the personal data of users in the EU:
Personal Data We Collect
We only collect data that helps us achieve the purpose set out in this Privacy Policy. We will not collect any additional data beyond the data listed below without notifying you first.
Data Collected Automatically
When you visit and use our App, we may automatically collect and store the following information:
Weight, body mass index (BMI), smoking status, LDL cholesterol, blood pressure, Glucose and HbA1c, heart rate, , medications prescribed, physical activity, steps, accelerometer data, eating habits and mood.
Data Collected in a Non-Automatic Way
We may also collect the following data when you perform certain functions on our App:
This data may be collected using the following methods:
How We Use Personal Data
Data collected on our App and through connected devices will only be used for the purposes specified in this Privacy Policy or indicated on the relevant pages of our App. We will not use your data beyond what we disclose in this Privacy Policy.
We may use your Personal Information for the following purposes:
Who We Share Personal Data With
Employees
We may disclose user data to any member of the organisations involved in this research who reasonably needs access to user data to achieve the purposes set out in this Privacy Policy. Employees involved in this research are employed at the National Institute for Prevention and Cardiovascular Health, Saolta University Health Care Group or the University of Galway.
Third Parties
We may share user data with the following third parties:
We may share the following user data with third parties:
We may share user data with third parties for the following purposes:
Third parties will not be able to access user data beyond what is reasonably necessary to achieve the given purpose.
Other Disclosures
We will not sell or share your data with other third parties, except in the following cases:
If you follow hyperlinks from our App to another App, please note that we are not responsible for and have no control over their privacy policies and practices.
How Long We Store Personal Data
User data will be stored until the purpose the data was collected for has been achieved.
You will be notified if your data is kept for longer than this period.
How We Protect Your Personal Data
The prospective hosting option is fully GDPR compliant, as data is merely transferred and not stored by third parties. All data captured is anonymised, with user anonymity maintained. (unless user has opted in, to share data of their own volition)
While we take all reasonable precautions to ensure that user data is secure and that users are protected, there always remains the risk of harm. The Internet as a whole can be insecure at times and therefore we are unable to guarantee the security of user data beyond what is reasonably practical.
Your Rights as a User
Individuals located in the EEA have certain rights with respect to their Personal Information. These rights include:
Children
We do not knowingly collect or use personal data from children under 16 years of age. If we learn that we have collected personal data from a child under 16 years of age, the personal data will be deleted as soon as possible. If a child under 16 years of age has provided us with personal data their parent or guardian may contact our data protection officer.
How to Access, Modify, Delete, or Challenge the Data Collected
If you would like to know if we have collected your personal data, how we have used your personal data, if we have disclosed your personal data and to who we disclosed your personal data, if you would like your data to be deleted or modified in any way, or if you would like to exercise any of your other rights under the GDPR, please contact our data protection officer here:
NIPC, Croí Heart and Stroke Centre, Moyola Lane, Newcastle, Galway. Ireland
info@nipc.ie(+353) 091-893299
www.nipc.ie
Additional Clauses
Health Data
Within the Intercept system, all patient specific data will need to form part of the patient’s case notes and be identifiable for this purpose. The patients will also need to be able to identify themselves to ensure full collaboration with the system. Permissions to see personal information will not be given to third parties, however System based issues and analytical data will be accessible to the app developer during the 12-month support stage.
Google Analytics and other technologies we use.
We use Google Analytics and/or similar technologies to analyse app use behaviour, administer the app, track users’ movements, and to collect information about app use. This is done to personalise and enhance your experience with us.
We use Google Analytics for the following purposes:
Modifications
This Privacy Policy may be amended from time to time in order to maintain compliance with the law and to reflect any changes to our data collection process. When we amend this Privacy Policy we will update the “Effective Date” at the top of this Privacy Policy. We recommend that our users periodically review our Privacy Policy to ensure that they are notified of any updates. If necessary, we may notify users by email of changes to this Privacy Policy.
Complaints
If you have any complaints about how we process your personal data, please contact us through the contact methods listed in the Contact Information section so that we can, where possible, resolve the issue. If you feel we have not addressed your concern in a satisfactory manner you may contact a supervisory authority. You also have the right to directly make a complaint to a supervisory authority. You can lodge a complaint with a supervisory authority by contacting the Data Protection Commission in Ireland.
Contact Information
If you have any questions, concerns or complaints, you can contact our data protection officer, NIPC, at:
NIPC Data Protection Officer, Lizanne Dunleavy, lizanne@croi.ie
NIPC, Croí Heart and Stroke Centre, Moyola Lane, Newcastle, Galway.
info@nipc.ie(+353) 091-893299
www.nipc.ie