Mobile App Privacy Statement

The privacy of all of our Users (staff) is very important to us (the Trust). When you, as a user of this mobile app, use the Service the App-Publisher (Chapelcroft Limited) processes your Personal Data. This Privacy Statement describes how we safeguard and process your Personal Data. We recommend you to read it carefully.

1. What is stated in this Privacy Statement?

Parties inform you in this Privacy Statement about:

  • The kinds of Personal Data processed
  • Permissions
  • The purposes for which Personal Data is processed
  • Where the Personal Data are processed
  • The security measures in place to protect Personal Data
  • Limits of responsibility concerning third parties
  • Viewing, changing and deleting your Personal Data
  • Changes to this Privacy Statement
  • What to do if you have any questions or remarks

2. The kinds of Personal Data processed

2A. Personal Data by using our Service

In order to improve the Service, we use anonymous Data. This information will not be made publicly available through the Service.

2B. Automatically generated information

Like most other websites and online services, the App gathers and process automatically generated information about how you use the App. The information gathered includes your IP-address and/or a unique device ID.

If you specifically opt-in, the App may collect your geo-location information. In any event, you can block geo-location collection through the settings of your mobile device.

This also occurs with regard to the automatically generated information about how you use the App. This kind of information helps us to better understand how the App is used, and how we can improve the Service to suit the needs of you as a user.

To provide the App-owner (the Trust) with information about the usage of the app we are also collecting the following (anonymous) information:

  • The moment you open the app
  • The blocks you've opened inside the app and the amount of time you've spend in this block
  • Actions such as music playback, opening URLs etc...
  • The moment you leave the app

Note: if the user authorisation features are enabled, we can link the anonymous information to you once you login.

2C. Specific information

We may ask you to engage in certain activities via the App, such as for example loyalty-card, newsletters, advertising, however we will not ask for any personal information.

3. Permissions

In general, and for specific functionality built in the App, our service asks for Permissions. These Permissions are asked from the App user when the App is downloaded from the store and / or when a specific functionality is used.

4. The purposes for which Personal Data is processed

4A. Purposes

  • to enable you to use the Service
  • to keep you updated with relevant information about our Service
  • to improve and / or customise the Service
  • to identity you / or customise the Service

Parties processes Personal Data for the following purposes:

  • to identify you and to prevent fraud
  • to provide support
  • to pass your Personal Data to third parties, if you requested us to do so or if we are legally obliged to do so.

The lawful basis for processing personal information is GDPR Article 6, Section 1F.

4B. Transmission of Personal Data to third parties

We do not sell, trade, or rent your Personal Data to third parties without your prior consent.

We may provide “aggregated anonymous data” about the usage of the Service to third parties for such purposes as well, as it deems to be appropriate. “Aggregated anonymous data” is data that cannot be traced back to you and which therefore does not count as Personal Data. For instance, we may use aggregated anonymous data to better understand how Users use the Service.

In the event that we are transferred to a third party, or that we merge with a third party, or undergoes a re-organisation, your Personal Data may also be disclosed and / or transferred to that third party. This third party will have the right to continue to use Personal Data and other information that you provided to us.

We may disclose your Personal Data where it is believed, in good faith, that it is necessary to comply with a court order, ongoing judicial proceeding, criminal or civil subpoena, or other legal process or request by law enforcement authorities or to exercise its legal rights or defend itself against legal claims.

5. Where are the Personal Data processed?

The Service is provided by using hosting services of Microsoft Azure, in the US Area. The Personal Data processed by App-publisher may be transferred to, and stored on, servers maintained by Microsoft Azure located in or outside a country in the UK such as the United States of America.

Microsoft adheres to the principles of the EU-U.S. and Swiss-U.S. Privacy Shield frameworks, although Microsoft does not rely on the EU-U.S. Privacy Shield Framework as a legal basis for transfers of personal data in light of the judgment of the Court of Justice of the EU in Case C-311/18.

You agree to this transfer and processing outside the UK. The App-publisher will take all steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this privacy policy. For more information about Microsoft Azure and the EU-US Privacy Shield look at the Microsoft Privacy Statement.

6. What security measures are in place to protect Personal Data?

The security of your data and that of other users is very important to us. We have implemented technical and organisational measures to protect your Personal Data against loss or any form of unlawful processing. We implemented the following measures: protection of our servers by firewalls, SSL connections and encryption of sensitive data. This list is not exhaustive.

7. Limits of responsibility concerning third parties

Our Service may contain services and products offered by third parties, and / or hyperlinks to the websites or services of partners, advertisers and other third parties.

We the Trust have no control or influence over the content, websites, or services of these third parties. Different privacy policies may apply to the use of third-party websites and services. This Privacy Statement only relates to Data which have been obtained by the Trust through your use of the ‘the App’ for its own purposes. We the Trust do not accept any responsibility or liability for the content, practices or operation of third-party websites and services.

8. Viewing and deleting Personal Data

You may send a request to access or delete the personal information collected through your use of the App, by contacting us via email. You may be asked to provide additional information to verify your identity.

This can be done by emailing info@myark.co.uk

9. Children’s privacy

Personal information about children is not knowingly or intentionally collected.

10. Security

Measures are implemented to secure your personal information, to minimise the risks of damage, loss of information and unauthorised access or use of information. However, these measures are unable to provide absolute information security. Therefore, although efforts are made to secure your personal information, it is not guaranteed and you cannot reasonably expect that the App and its related databases will be immune from any wrongdoings, malfunctions, unauthorised interceptions or access, or other kinds of abuse and misuse.

11. Data Subject Rights

You have the right to see, or have a copy, of your personal information.

You do not need to give a reason, and there will be no charge. Please contact:

We will normally provide your information within one month (four weeks) of receiving all the information we need to respond to your request. It may be that we have to extend the time period by a further two months (eight weeks) if your request is complex, numerus, or large. We will inform you within the month of receipt if this is the case and explain why the extension is necessary.

Please be as detailed as possible when requesting information, for instance stating date ranges, appointment types, or specific letters. Before records are released we will seek the advice of the consultant in charge of the patient care to ensure that no information about an individual's physical or mental health or condition will be released if it would be likely to cause harm to either them or another person's physical or mental health condition. We will also withhold information provided by third parties where we don't have consent to release it or where the patient has made it clear that they did not want the information disclosed. Before providing any information we will need to verify your identity and may request further information from you so we may progress your query as quickly as possible.

Your right to be informed

This means you have a right to be informed about the way we collect and use your data.

Your right to rectification

This means you have the right to have inaccurate (incorrect or misleading as to any matter of fact) personal data corrected or completed.

Your right to have your personal information erased

This right is not absolute and only applies in certain circumstances.

You have the right to restrict the processing of your information in any one of the following circumstances:

  • You contest the accuracy of your personal data and we are verifying the accuracy of the data.
  • We no longer need the personal data but you need to keep it in order to establish, exercise, or defend a legal claim
  • You have objected to the Chapelcroft (ARK) processing your data under Article 21(1) of UK GDPR, and Chapelcroft (ARK) is considering whether Company’s legitimate grounds override yours (the individual).

Your right to object

This means that you have the right to object to the Company processing your data where the processing is based on all of the following:

  • legitimate interests or the performance of a task in the public interest / exercise of official authority (including profiling)
  • direct marketing (including profiling)
  • processing for purposes of scientific / historical research and statistics
  • You must have an objection on "grounds relating to your particular situation"

Your right to withdraw your consent

This means that once you have given your explicit consent for your information to be processed you have the right to both:

  • withdraw your explicit consent for the processing of your information
  • withdraw your consent by informing the department / team that took your consent (you can do this in writing or verbally)

12. Changes to this Privacy Statement

This Statement may be updated at any time. Parties will publish any updated version of the Privacy Statement via the Service. Parties encourage you to check this page from time to time to be aware of any changes to this Privacy Statement and to stay informed about how parties protect your Personal Data. You acknowledge and agree that it is your responsibility to review this Privacy Statement periodically and familiarise yourself with any updates.

You agree to be bound by any of the changes made to this Statement. Your continued use of the App after the changed take effect will indicate your acceptance of the amended Statement. If you do not agree with the amended Statement, you must uninstall the App and avoid any further use of it.

13. What to do if you have any questions or remarks

If you have any questions or remarks about this Privacy Statement, please contact us by sending an email to the info@myark.co.uk