RevolutionEyes Me Ltd Privacy Statement
RevolutionEyes Me Ltd (“RevolutionEyes Me” or “We” or “Us”) is committed to protecting and respecting your privacy in line with current legislation. This privacy statement is relevant to anyone who is using the RevolutionEyes Me service. It tells you what personal data is collected and what we do with that personal data.
The RevolutionEyes Me Ltd service uses your Health data (a combination of Personal Data and Sensitive Personal Data) collected manually from you and from any personal health tracking devices or mobile applications that you have linked to your account, for example the Apple Health app on your iPhone, in order to fulfill the RevolutionEyes Me service you have purchased. A full description of the RevolutionEyes Me service can be found in the Terms of Service on our website.
ABOUT REVOLUTIONEYES ME
RevolutionEyes Me Ltd (“RevolutionEyes Me” or “Us” or “We”) is a registered company in the United Kingdom (Company No. 09172894; Registered Office Address 18 Sulgrave Road, London W6 7RP)
In the provision of the RevolutionEyes Me service, both Personal Data and Sensitive Personal Data will be collected and used.
Personal Data means data which relates to a living individual who can be identified from the data or from the data and any other information which is in the possession of, or likely to come into the possession of, the data controller.
Sensitive Personal Data means personal data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation.
We will also refer to the Data Protection Officer (DPO) and the Data Controller.
According to the GDPR legislation which comes into effect in May 2018, RevolutionEyes Me will be required to appoint a DPO as we carry out large scale systematic monitoring of individuals and carry out large scale processing of special categories of data. The purpose of the DPO is to inform and advise RevolutionEyes Me and our employees about obligations to comply with GDPR and other data protection laws; to monitor compliance with GDPR and data protection laws; and to be the first point of contact for supervisory authorities and for individuals whose data is processed.
The Data Controller means an organisation or person who determines the purposes for which and the manner in which any personal data are or are to be processed.
The Data Processor means any organisation or person who processes the data on behalf of the Data Controller.
WHAT DATA WE USE
We collect Personal Data at the point of contacting us via email, subscribing to any of our email lists, submitting a ‘contact’ form or purchasing the product/service.
Name, Age, Phone Number, Email
Sensitive Personal Data
We collect Sensitive Personal Data after you have purchased the product as part of fulfilling the product/service.
Gender; Physical/mental health information; Biometric information
Cookies (small text files placed on your computer while using our site) may be used to assist with improving your site experience and to safeguard your privacy whilst browsing our site. For more information visit www.allaboutcookies.org
Strictly necessary cookies; Performance cookies; Functionality cookies; Targeting/Advertising cookies
Browser Event Data
Browser event data is collected during your visit to our website. This information is collected and processed to provide insights into user behaviour in order for us to continually improve our service.
Device IP address; Device screen resolution; Device type; Country location; Preferred language; Mouse events; Keypresses; Log data
Webpages and HTML emails may also contain a small snippet of code called a web beacon. In their simplest form, web beacons allow a website to transfer or collect information through a graphic image request. RevolutionEyes Me may use web beacons as part of the site, but only for fraud detection.
WHERE DO WE STORE YOUR DATA
All Data is stored within EEA Servers using Amazon Web Services. We conduct annual security testing to ensure our database is secure.
HOW DO WE PROVIDE THE REVOLUTIONEYES ME SERVICE WITH OTHERS
This section explains the purposes to which we put your Personal Data and Sensitive Personal Data and explains the legal basis and legitimate interests we rely upon when we do so.
‘Legitimate Interests’ refers to our interests in conducting and managing our business. The particular interest which we are relying on in each case is explained in more detail below. When we use your data in our legitimate interests, we make sure to balance any potential impact on you and your rights under data protection laws. Our interests do not automatically override your interests.
We will never share the Personal Data or Sensitive Personal Data with any other parties except for the purposes of fulfilling our service and aggregated data or research, in which case all data we use would not be identifiable.
To provide the RevolutionEyes Me service
What Data we use: Name, Email, Date of Birth, Address, Telephone Number, GP Information, Biometric Data, Dietary and exercise data
How We will use Data: We will use your Personal Data and Sensitive Personal Data to provide the service, including to manage our relationship with you, to verify your identity and eligibility to use our service and/or to contact you to provide and administer our service. Without this information, we cannot provide the RevolutionEyes Me service.
To improve the RevolutionEyes Me Service
What Data we use: Name, Email, Date of Birth, Address, Telephone Number
How we will use Data: We may use contact you for your feedback or use your information to improve the RevolutionEyes Me service by creating pseudonymised reports and by contacting you to receive feedback. We can use your data in this way because we have a legitimate interest in improving and tailoring our service and keeping our customers happy.
To conduct research and aggregated reports
What Data we use: Pseudonymised Personal Data and Sensitive Personal Data
How We will use Data: We may use this data to conduct research on the efficacy of our products and to identify where we can improve our product, or to provide aggregated anonymised reports to analyse the usage, uptake and efficacy of the products and services.
To do what we are required to do by law
What Data we use: Name, Email, Date of Birth, Telephone Number
How We will use Data: We may be required to retain or use your data if we have a legal duty or obligation to do so. This may be in the context of an employer and retaining certain employee data for a certain period of time, or it may be in the context of providing law enforcement agencies with data to aid with legal proceedings.
To assist you where you may be at risk
What Data we use: Name, Email, Address, Telephone Number, GP Information
How We will use Data: We may use your Data to assist where your health or life is in danger. We can use your data in this way because it protects your vital interests.
HOW LONG CAN WE KEEP YOUR PERSONAL DATA FOR
We may only keep your personal data for as long as it is required for one of the reasons detailed in the above section.
We have policies about how we keep/store your personal data. The periods differ depending on the period and the purpose for which we are using your personal data and the nature of the personal data.
How long we keep the data is determined by the period we need to keep it for in line with fulfilling the service and our legal obligations.
We typically retain personal data for approximately 7 years from the point the data is no longer used however in some cases, such as legal requirements, we may be required to keep it longer.
When data is no longer required for its purpose, we ensure data is securely and irrevocably deleted from our system.
WHEN CAN YOU ASK US TO STOP USING YOUR DATA
We rely on consent and lawful basis for processing in order to fulfill the products and services we offer and also so we can contact you directly about the status of your product/service.
You can ask us to stop using your Data at any time, however in doing so we will be unable to continue providing the service.
In order to request that we stop using your data, you can send us an email to firstname.lastname@example.org stating that you wish for us to stop using your data immediately.
WHAT HAPPENS IF YOU DON’T GIVE US SOME OF YOUR DATA
It is entirely optional to provide consent for us to collect and process your data, however where you do not provide the Data we need in order to provide the requested RevolutionEyes Me service or to fulfill a legal requirement, we will not be able to fulfill the service requested.
HOW TO CONTACT US ABOUT THIS PRIVACY STATEMENT
You may contact us at any time via email or post to query anything that may have come up from reading this statement.
Address: RevolutionEyes Me Ltd, Att: Operations, 18 Sulgrave Road, London W6 7RP United Kingdom
We can be contacted at the addresses above for one or more of the following reasons:
To ask Us to fix Personal Data about You that is wrong or incomplete, or delete Personal Data about You.
To tell Us that You no longer consent to Us using Personal Data about You and to ask Us to stop. This would not invalidate Our use of the Personal Data prior to the withdrawal of consent.
To tell Us to stop using Your Personal Data for direct marketing purposes.
To ask Us to send You the Personal Data We have about You. This is sometimes called a "subject access request".
On or after 25 May 2018, We can also be contacted at the address above for the following reasons:
To ask Us to provide You with the Personal Data You have provided to Us. We will provide the Personal Data in a CSV formatted document so that another organisation's software can understand that Personal Data. This is sometimes called a "data portability" right.
To ask Us not to use Personal Data about You in a way that allows Our computer systems to make decisions about You.
To request that We restrict use of Your Personal Data or to object to its use (including objecting to data used in Our "legitimate interests").
Sometimes We will not be able to stop using Your Personal Data when You ask Us to (e.g. where We need to use it because the law requires Us to do so).
You have the right to complain about how We treat Your Personal Data to the Information Commissioner's Office (the "ICO"). The ICO can be contacted at:
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113 (local rate) or 01625 545 745
CHANGES TO THIS PRIVACY STATEMENT
We may update this Privacy Statement from time to time. We will notify You of the changes where required by law to do so.
Last modified on 21/06/2018