Privacy
PRIVACY NOTICE
FLORENCE TELEHEALTH SERVICES
Last updated: February 18, 2021
INTRODUCTION
Florence is owned and operated by Mediaburst Limited, (“Mediaburst”, “we”, “us”, “our”). We are committed to protecting and respecting your privacy. Mediaburst processes your personal data in line with the data protection principles set out in the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019, SI 2019/419 (“UK GDPR”) and the Data Protection Act 2018.
Florence works in partnership with GP Practices and NHS Trusts across the UK to collect health readings of patients that use our telehealth application. Patient health data is shared with your doctor and other authorised medical clinicians to help improve the quality of care you receive.
This privacy notice explains what personal data Mediaburst collects from individuals (patients and clinicians) (“you/your”) who use Florence, visit the Florence website (www.getflorence.co.uk), contact us using our web forms, by email, phone or through one of our social channels; or other communications.
We place great importance on ensuring the quality, confidentiality, integrity, and availability of the data we hold, and in meeting our data protection obligations when processing personal data. Mediaburst is committed to protecting the security of your personal data. We use a variety of technical and organisational measures to help protect your personal data from unauthorised access, use or disclosure.
If you have applied for a job with Mediaburst or submitted your CV (or similar employment information) to us, we process your personal data as set out in our privacy notice for recruitment candidates. You will be able to find this on the www.getflorence.co.uk website.
We update this privacy notice from time to time in response to changes in applicable laws and regulations, to our processing practices and to the products and services we offer.
When changes are made, we will update the date at the top of this document. Please review this privacy notice periodically to check for updates.
WHAT INFORMATION DO WE PROCESS?
We process all information you give us, either through forms on our website www.getflorence.co.uk (our site) or by corresponding with us by telephone, email or otherwise. This includes information you provide when you register to use our site, subscribe to a service, or when you report a problem with our telehealth application or website.
Information processed following an initial enquiry from a healthcare professional
We process the following information:
- Name
- GP surgery / network, NHS Trust or Business name
- GP surgery / network, NHS Trust or Business address
- Job title/position
- Organisation telephone number
- Organisation email address
Information you provide to us when registering with and using Florence as a patient The personal data and sensitive data collected and processed as part of the agreement for using Florence, as well as to ensure accounts are accessible to the users the information/data collected includes;
- NHS number
- Full name
- Mobile phone
- Health data readings, such as blood pressure, weight, medication,
Information you provide to us when using Florence as a registered clinician
The personal data collected and processed as part of the agreement for using Florence, as well as to ensure accounts are accessible to the users the information/data collected includes;
- Full name
- NHS email address
- Healthcare organisation name and address
- Mobile phone number
Information processed when you visit our website – Cookies
Florence uses cookies on our website. Cookies are small text files that are downloaded to your device when you visit a website. We use cookies to remember your preferences, display content that is more relevant to you and improve your overall experience of our site. The cookies we use are listed below. You can learn more about cookies by going to http://www.allaboutcookies.org/.
| Domain | Cookie Name | Description | Duration |
| Getflorence.co.uk | _ga | Monitors the use and performance of our website –distinguishes unique users by assigning a randomly generated number | 2 years |
| Getflorence.co.uk | _gat | Used by Google Analytics to throttle request rate | 1 day |
| Getflorence.co.uk | _gid | Used to distinguish users on Google Analytics in order to count user visits and traffic sources so that we can measure and improve the site performance | 1 day |
MANAGING COOKIES
You can manage and delete cookies and web beacons through your web browser. Each browser manages cookies differently, but you can learn more about cookie settings in the most common browsers using the links below:
Our website may contain links to other websites. This privacy notice only applies to this website, so please read the privacy notices provided by the other websites before posting any personal information.PURPOSES AND BASES FROR PROCESSING YOUR DATA
We may use your data for the following purposes and on the following lawful bases:
| Purpose | Lawful Bases for Processing |
| Responding to correspondence from you. | It is in our legitimate interest to respond to enquiries made via our website, by email, through our social channels or any other means. |
Sending you information such as our newsletter, research reports, insights and other Florence news and information which may be of interest. | When you agree to be contacted for information about Florence we will rely on your consent, which may be withdrawn at any time by contacting us. |
| Collecting and sharing patient medical or health data with registered clinicians using the Florence telehealth application. | We process your medical or health data on behalf of the healthcare organisation (data controller) with your explicit consent, which may be withdrawn at any time by contacting us. |
Fulfilment of our obligations, as set out in our agreement of services with the healthcare organisation (the data controller). | This is necessary for the performance of the contract we have entered with the data controller. |
| Service management, forecasting and statistical purposes. | It is our legitimate interest to identify areas for managing current business relationships, develop new products and services, and for managing our business. |
| Improving our website and the overall website visitor and user experience. | It is our legitimate interest to allow analytics and search engine providers to help improve and optimise our website. We use analytical cookies on our website with your consent, which may be withdrawn at any time by contacting us. |
PURPOSES AND BASES FOR PROCESSING YOUR DATA
Where personal data is processed because it is necessary for the performance of a contract to which you are a party, we will be unable to provide our services without the required information.
SHARING YOUR INFORMATION
It is possible that we may be required to share your data to comply with applicable laws or with valid legal processes, in response to a court order or with government or law enforcement agencies, such as the local council or the police. The legal basis in these cases is compliance with a legal obligation.
INTERNATIONAL TRANSFERS
Florence only operates in the UK. Where appropriate, your personal data may be processed outside the UK. This is because the organisations we use to provide our services to you are located in other countries. We have taken appropriate steps to ensure that where personal data processed outside the UK, it has an essentially equivalent level of protection as it has within the UK. We do this by ensuring that:
- Your personal data is only processed in a country which the Secretary of State has confirmed has an adequate level of protection (an adequacy regulation); or
- We enter into either International Data Transfers Agreements (IDTAs) or Standard Contractual Clauses (SCCs) with the receiving organisations and ensure that supplementary measures are also applied, where necessary.
YOUR RIGHTS
You have certain rights in relation to the processing of your personal data, including to:
- Request access to personal data about you (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you, and to check that we are lawfully processing
- Request rectification, correction, or updating to any of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you
- Request personal data provided by you to be transferred in machine-readable format (“data portability”).
- Request erasure of personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove personal data where you have exercised your right to object to processing (see below).
- Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you (e.g. if you want us to establish its accuracy or the reason for processing it).
- Object to the processing of your personal data in certain circumstances. This right may apply where the processing of your personal data is based on the legitimate interests of Mediaburst.
These rights are not absolute and are subject to various conditions under applicable data protection and privacy legislation and the laws and regulations to which we are subject. If at any time you decide that you no longer wish to be contacted, or if you would like to exercise any of your rights as set out above, you can contact us by email (hello@mediaburst.co.uk ).
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
In addition to the above, please note that you have the right to make a complaint at any time to the Information Commissioner’s Office if you are concerned about the way in which we are handling your personal data.
DATA RETENTION PERIOD
We will retain your personal data for as long as it necessary for the purpose of our relationship, as instructed by the data controller or until you object to us processing it or withdraw your consent. The data retention period as reflected in the T&Cs for Mediaburst is 5 years.
CONTACT
You can contact us in relation to data protection and this privacy notice by writing to: CEO,
Mediaburst Limited Mercury House, 117 Waterloo Road, London SE1 8UL.
Alternatively, you can email us at hello@mediaburst.co.uk.
