Privacy

  1. Homepage
  2. Privacy

Flipware Tech – Privacy Policy

We ask that you read this website privacy policy carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.

Who we are

This website is operated by Flipware Tech Limited. We are a company incorporated in Scotland under number SC314796, having our registered office at 258 Nithsdale Road, Glasgow, G41 5AN. We collect, use and are responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation (the GDPR) which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.

Our website

This Privacy Policy relates to your use of our website, www.medcaro.com. Throughout our website we may link to other websites owned and operated by certain trusted third parties to analyse web traffic. These other third party websites may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to these other third party websites, please consult their privacy policies as appropriate.

Our collection and use of your personal information

We collect personal information about you when you access our website, register with us, contact us, send us feedback, access or subscribe to services via our website, post material to our website and complete customer surveys or provide feedback via our website. We collect this personal information from you either directly, such as when you register with us, contact us or purchase or subscribe to services via our website or indirectly, such as your browsing activity while on our website (see ‘Cookies’ below). We may also collect personal information about you from other sources, such as Electronic Patient Record from NHS when it is made available in the future. The personal information we collect about you depends on the particular activities carried out through our website. Such information includes:
  • your name, address and contact details;
  • bank account and payment details;
  • details of any feedback you give us by phone, email, post or via social media;
  • information about the services we provide to you or that you access;
  • your account details, such as username, login details; and
  • health records.
We use this personal information to:
  • create and manage your account with us
  • verify your identity;
  • provide services to you;
  • customise our website and its content to your particular preferences;
  • notify you of any changes to our website or to our services that may affect you; and
  • improve our services.
This website is not intended for use by children under the age of 13 and we do not knowingly collect or use personal information relating to children.

Our lawful basis for processing your personal information

When we use your personal information we are required to have a lawful basis for doing so. There are various different lawful bases upon which we may rely, depending on what personal information we process and why. The lawful bases we may rely on include:
  • consent: where you have given us clear and explicit consent for us to process your personal information for a specific purpose;
  • contract: where our use of your personal information is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract;
  • legal obligation: where our use of your personal information is necessary for us to comply with the law (not including contractual obligations);
  • vital interests: where our use of your personal information is necessary to protect your or someone else’s life;
  • legitimate interests: where our use of your personal information is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your personal information which overrides our legitimate interests);
  • preventative medicine: where our use of your personal information is necessary for purposes of medical diagnosis, the provision of health care or treatment or management of health care systems and services under a contract with a health professional and subject to patient confidentiality obligations.

Further information – the personal information we collect, when and how we use it

For further details on when we collect personal information, what we collect as well as how we use it, please read the following sections:
When information is collected What information we ask for How and why we use your information
When you set up an account with us Contact details: your name and email address Health record We ask for this:
  • to create and manage your account with us;
  • to communicate with you about your account; and
  • to provide you with access to our services
We rely on performance of a contract as the lawful basis for collecting and using your personal information under our terms and conditions. We will keep this information until:
  • you close your account with us; or
  • we close your account
When you access our services Contact details: your name and email address Health record We ask for this:
  • to provide you with access to our services; and
  • to assist health care providers to provide more informed advice.
We rely on performance of a contract as the lawful basis for collecting and using your personal information under our terms and conditions and the provision of health care. We will keep this information until:
  • you close your account with us; or
  • we close your account
When you register as a health care service provider (Doctors, Dentists and others) with us Service details Financial details Hospital / Clinic related data We ask for this:
  • to create and manage your account with us;
  • to communicate with you about your account;
  • to provide you with access to our services; and
  • to assist you to provide more informed advice.
We rely on performance of a contract and legitimate interests as the lawful basis for collecting and using your personal information under our terms and conditions and the provision of health care. Our legitimate interests are to ensure delivery of services. We will keep this information until:
  • you close your account with us; or
  • we close your account.
When you register as a pharmacist with us We ask for this:
  • to create and manage your account with us;
  • to communicate with you about your account; and
  • to provide you with access to our services.
We rely on performance of a contract as the lawful basis for collecting and using your personal information under our terms and conditions and the provision of health care We will keep this information until:
  • you close your account with us; or
  • we close your account.

Who we share your personal information with

We routinely share your contact details and health record with health care providers and pharmacists who have registered on our site, when you book an appointment with either of them. For a list of health care providers and pharmacists, please search on www.medcaro.com. This data sharing enables you to access our services. We also share your personal information with our third party suppliers, including our IT service providers. Some of those third party recipients may be based outside the European Economic Area – for further information including on how we safeguard your personal information when this occurs, please see ‘Transfer of your information out of the EEA’. We will share personal information with law enforcement or other authorities if required by applicable law and with our professional advisors or agents acting on our behalf. In the event that we sell or buy any business or assets, we may disclose personal information to the prospective seller or buyer of such business or assets and in respect of a merger, acquisition or sale of all or a portion of our assets, personal information held by us will be one of the transferred assets. We will not share your personal information with any other third party.

Whether information has to be provided by you, and if so why

We require you to provide old health care records or test results to enable us to provide you with access to our services. We will inform you at the point of collecting information from you, whether you are required to provide the information to us.

Transfer of your information out of the EEA

We may transfer your personal information to the following which are located outside the European Economic Area (EEA) as we use company based in the USA for IT server hosting purposes, which has servers located within India. Such countries do not have the same data protection laws as the United Kingdom and EEA. Whilst the European Commission has not given a formal decision that such countries provide an adequate level of data protection similar to those which apply in the United Kingdom and EEA, any transfer of your personal information will be subject to the European Commission model contracts for the transfer of personal data to third countries or rely on the EU-US Privacy Shield Framework (as permitted under the GDPR) that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information. To obtain a copy of such safeguards, please see our IT supplier’s privacy policy, which is available at: https://www.endurance.com/privacy/privacy. If you would like further information please contact us (see ‘How to contact us’ below). We will not otherwise transfer your personal information outside of the United Kingdom or EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.

Cookies and similar technologies

A cookie is a small text file which is placed onto your device (for example, computer, smartphone or other electronic device) when you use our website. We use traffic log cookies on our website. These help us recognise you and your device and store some information about your preferences or past actions. For further information on our use of cookies, please see our [insert link to Cookie Policy]. For further information on cookies generally visit www.aboutcookies.org or www.allaboutcookies.org.

Marketing

We would like to send you information about [insert details, for example, products and services, competitions and special offers], which may be of interest to you. Where we have your consent or it is in our legitimate interests to do so, we may do this by post, email, telephone, text message (SMS) or automated call. We would also like to share your information with selected health insurance and private healthcare providers so that they may send you information about their “products AND/OR services”, depending on what you agree with us. We will only ask whether you would like us and other providers to send you marketing messages when you tick the relevant boxes when you register as a new user. If you have previously agreed to being contacted in this way, you can unsubscribe at any time by:
  • contacting us at info@medcaro.com;
  • using the ‘unsubscribe’ link in emails.
It may take up to 10 days for this to take place. For more information on your rights in relation to marketing, see ‘Your rights’ below.

Your rights

Under the GDPR you have a number of important rights free of charge. In summary, those include rights to:
  • fair processing of information and transparency over how we use your use personal information, as set out in this Privacy Policy;
  • access to your personal information and to certain other supplementary information that this Privacy Policy is already designed to address;
  • require us to correct any mistakes in your information which we hold;
  • require the erasure of personal information concerning you in certain situations;
  • receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
  • object at any time to processing of personal information concerning you for direct marketing;
  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
  • object in certain other situations to our continued processing of your personal information;
  • otherwise restrict our processing of your personal information in certain circumstances; and
  • claim compensation for damages caused by our breach of any data protection laws.
If you would like to exercise any of those rights, please:
  • email, call or write to us at info@medcaro.com;
  • let us have enough information to identify you (for example, account number, username, registration details and email address);
  • let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
  • let us know the information to which your request relates, including any account or reference numbers, if you have them.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it and use https access through our website in order to encrypt data. Those processing your personal information will do so only in an authorised manner and are subject to a duty of confidentiality. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How to complain

We hope that we can resolve any query or concern you raise about our use of your personal information. The GDPR also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or by telephone on 0303 123 1113.

Changes to this Privacy Policy

This Privacy Policy was published on [insert date] and last updated on [insert date]. We may change this Privacy Policy from time to time, when we do we will inform you via our website, app notifications or by email.

How to contact us

Please contact us if you have any questions about this Privacy Policy or the information we hold about you. If you wish to contact us, please send an email to info@medcaro.com.