Hero Health Privacy Policy

Hero Health (Company name: Hero Doctor Ltd 10924177) is committed to protecting the privacy of your personal information. This is a legal obligation of Hero Health. However, as a business which values its reputation, it is also in our interests to ensure that protection. We are governed by our Terms of Use, please read these carefully in order to fully understand the Privacy Policy.

We collect personal information from you when you provide it to us through our website. Any information we store is held on secure servers in the EU.

We take steps to protect your information from misuse, loss and unauthorised access by:

• Ensuring we have strict security procedures for access to our business premises
• Internet security such as password protection, firewalls and encryption

We only disclose your information to a third-party when we need to do so to provide a service that you have requested, unless we are required to do so by law. Our Privacy Policy does not apply to any other web service or digital service that you may be able to access through our site or any web service or digital services of Hero’s business partners, each of which have data collection, storage and use practices and policies that may differ from this Privacy Policy.

By agreeing to our privacy policy you are accepting and consenting to the terms outlined in this policy

1. Information we may collect from you

When you use the Hero Health platform for accessing appointments with health professionals we collect personal information including:

• Your full name
• Your date of birth
• Your contact details (email address, phone number and address)
• The type of appointment you are requesting
• The reason for asking for the appointment
• Payment details

Normally we collect information directly from you but we may also collect your personal information from our website, from email or via telephone.

We may also collect information from third parties such as family members, legal guardians, insurance companies or other people you have authorised to provide your personal information to us.

We require you to provide accurate details and do not permit you to use a pseudonym or remain anonymous. Some information is designated as mandatory and without this information you may not be able to access Hero Health.

Hero Health uses social networking services such as Instagram, Facebook and Twitter to communicate about our activities. We may collect your personal information when you communicate with us by using these social networking services, and the social networking services will also handle your personal information for their own activities.

2. Why do we collect and use your personal information

• To provide you with services
• For communicating with you about our products and services
• For quality assurance purposes
• To make disclosures as required by regulatory bodies (e.g., CQC)
• Where you request or have consented to insurance companies who are paying for your service
• Where you request it, to provide it to your GP, laboratory services or other healthcare practitioners to whom we refer you
• To process your payment for products and services
• On a de-identified basis for analysis research and marketing

3. Third-party service providers

We may use third-party providers to provide some or all of the services on our behalf. Where this happens you may be providing personal data to such service providers and be subject to the terms of the privacy policy of that service provider. Those service providers will be reputable entities who are subject to the similar privacy obligations to those applicable to Hero Health.

We do not accept any responsibility or liability for third-party service providers.

We do not store any credit or debit card information. Payments are processed via a third-party payment provider that is fully compliant with level 1 payment card industry (PCI) data security standards. Any payment transactions are encrypted using SSL technology.

We encrypt data transmitted to and from the website. However secure transmission of information via the internet cannot be fully guaranteed due to potential events beyond our control and you acknowledge transmission is at your own risk.

Subject to the above provisions, you agree to the transfer, storing or processing of your personal data.

4. Tracking tools, behavioural advertising, and opt out options

4.1 Tracking tools

We may use the tools outlined below in order to provide our Services to, advertise to, and to better understand users.

• Cookies: "Cookies" are small computer files transferred to your computing device that contain information such as user ID, user preferences, lists of pages visited and activities conducted while using the Services. We use cookies to improve or tailor the Services, customise advertisements by tracking navigation habits, measuring performance, and storing authentication status so re-entering credentials is not required, customise user experiences with the Services, and for analytics and fraud prevention. For more information on cookies, including how to control your cookie settings and preferences, visit http://www.allaboutcookies.org

Some cookies are placed by a third-party on your device and provide information to us and third parties about your browsing habits (such as your visits to our Services, the pages you have visited, and the links and advertisements you have clicked). These cookies can be used to determine whether certain third-party services are being used, to identify your interests, and to serve advertisements relevant to you. We do not control third-party cookies.

• Web beacons: “Web Beacons” (a.k.a. clear GIFs or pixel tags) are tiny graphic image files embedded in a web page or email that may be used to collect information about the use of our Services, the websites of selected advertisers and the emails, special promotions or newsletters that we send. The information collected by Web Beacons allows us to analyse how many people are using the Services, using selected publishers’ websites or opening emails, and for what purpose, and also allows us to enhance our interest-based advertising (discussed further below).
• Web service analytics: We may use third-party analytics services in connection with the Services, including, for example, to register mouse clicks, mouse movements, scrolling activity and text typed into the Site. We use the information collected from these services to help make the Services easier to use and as otherwise set forth in Section 6 (How we use your information). These analytics services generally do not collect Personal Information unless you voluntarily provide it and generally do not track your browsing habits across web services that do not use their services.
• Mobile device identifiers: As with other Tracking Tools, mobile device identifiers help Hero learn more about our users’ demographics and internet behaviours in order to personalise and improve the Services. Mobile device identifiers are data stored on mobile devices that may track mobile device and data and activities occurring on and through it, as well as the applications installed on it. Mobile device identifiers enable collection of Personal Information (such as media access control, address and location) and Traffic Data.

4.2 Behavioural advertising

We may use a type of advertising commonly known as interest-based or online behavioural advertising. This means that some of our partners use Tracking Tools, such as cookies, pixel tags, and web beacons, to collect information about a user’s online activities to display Hero Health ads to the user based on the user’s interests (“Behavioural Advertising”). Such partners may include third-party service providers, advertisers, advertising networks or platforms, traffic measurement service providers, marketing analytics service providers, and other third-party service providers (collectively, “Advertising Service Providers”). Other Tracking Tools used by our partners may collect information when you use the Services, such as IP address, mobile device ID, operating system, browser, web page interactions, geographic location and demographic information, such as gender and age range. These Tracking Tools help Hero learn more about our users’ demographics and internet behaviours.

4.3 Options for opting out of cookies and mobile device identifiers

Some web browsers allow you to reject cookies or to alert you when a Cookie is placed on your computer, tablet or mobile device. You may be able to reject mobile device identifiers by activating the appropriate setting on your mobile device. Although you are not required to accept Hero’s cookies or mobile device identifiers, if you block or reject them, you may not have access to all features available through the Services.

• You may opt out of receiving certain cookies and certain trackers by visiting the Network Advertising Initiative (NAI) opt out page or the Digital Advertising Alliance (DAA) consumer opt-out page, or by installing the DAA’s AppChoice app (for iOS; for Android) on your mobile computing device. When you use these opt-out features, an “opt-out” Cookie will be placed on your computer, tablet or mobile computing device indicating that you do not want to receive interest-based advertising from NAI or DAA member companies. If you delete cookies on your computer, tablet or mobile computing device, you may need to opt out again. For information about how to opt out of interest-based advertising on mobile devices, please visit http://www.youronlinechoices.com/uk/about-behavioural-advertising. You will need to opt out of each browser and device for which you desire to apply these opt-out features.
• Even after opting out of Behavioural Advertising, you may still see Hero advertisements that are not interest-based (i.e. not targeted toward you). Also, opting out does not mean that Hero is no longer using Tracking Tools — Hero still may collect information about your use of the Services even after you have opted out of Behavioural Advertising and may still serve advertisements to you via the Services based on information it collects via the Services.

This Privacy Policy does not cover the use of cookies and other Tracking Tools by any third parties and we aren’t responsible for their privacy policies and practices. Please be aware that some cookies placed by third parties can continue to track your activities online even after you have left our Services.

5. How Hero responds to browser “do not track” (DNT) signals

Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a “Do Not Track” (DNT) or similar feature that signals to web services that a visitor does not want to have his/her online activity and behavior tracked. If a web service operator elects to respond to a particular DNT signal, the web service operator may refrain from collecting certain Personal Information about the browser’s user. Not all browsers offer a DNT option and there is currently no industry consensus as to what constitutes a DNT signal. For these reasons, many web service operators, including Hero, do not proactively respond to DNT signals. For more information about DNT signals, visit http://allaboutdnt.com.

6. How we use your information

We may use information that is neither Personal Information nor PHI (including non-PHI Personal Information that has been de-identified and/or aggregated) to better understand who uses Hero and how we can deliver a better healthcare experience (for example, testing different kinds of emails has helped us understand when and how patients prefer to get Wellness Reminders for preventive care), or otherwise at our discretion.

We use information, including Personal Information, to provide the Services and to help improve the Services, to develop new services, and to advertise (for example, to display Hero ads on other web services). Specifically, such use may include:

• Providing you with the products, services and information you request;
• Responding to correspondence that we receive from you;
• Contacting you when necessary or requested, including to remind you of an upcoming appointment;
• Providing, maintaining, administering or expanding the Services, performing business analyses, or for other internal purposes to support, improve or enhance our business, the Services, and other products and services we offer;
• Customising or tailoring your experience of the Services, which may include sending customised messages or showing you Sponsored Results;
• Notifying you about certain resources, Healthcare Providers or services we think you may be interested in learning more about;
• Sending you information about Hero or our products or Services;
• Sending emails and other communications that display content that we think will interest you and according to your preferences;
• Combining information received from third parties with information that we have from or about you and using the combined information for any of the purposes described in this Privacy Policy;
• Showing you advertisements, including interest-based or online behavioural advertising;
• Using statistical information that we collect in any way permitted by law, including from third parties in connection with their commercial and marketing efforts;
• Fulfiling our legally-required obligations, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities;
• Resolving disputes;
• Protecting against or deterring fraudulent, illegal, or harmful actions; and enforcing our Terms of Use and other agreements.

7. How we share your information

In certain circumstances, and in order to perform the Services, we may share certain information that we collect from you, as described in this section:

• Healthcare Providers: We may share your Personal Information with Healthcare Providers with whom you choose to schedule through the Services. For example, if you complete a Medical History Form using the Services in advance of an appointment and elect to share it with your selected Healthcare Provider, we may share your Medical History Form with such selected Healthcare Providers. Provided that you choose to use the applicable Services, we may share your Personal Information with your Healthcare Providers to enable them to refer you to and make appointments with other Healthcare Providers on your behalf or to perform analyses on potential health issues or treatments. We may share your Personal Information with Healthcare Providers in the event of an emergency.
• Health Information Exchanges: To make your information more securely and easily accessible to your Healthcare Providers, we may share your Personal Information with Health Information Exchanges and related organisations that collect and organise your information (such as Regional Health Information Organisations). The goal of such organisations is to facilitate access to health information to improve the safety, quality, and efficiency of patient-centred care.  More information on Health Information Exchanges can be found here and here.
• We do not sell email addresses to third parties. We may share your Personal Information with our partners to customise or display our advertising.
• We may share your Personal Information and/or Traffic Data with our partners who perform operational services (such as hosting, billing, fulfilment, data storage, security, insurance verification, web service analytics, or ad serving) and/or who make certain services, features or functionality available to our users.
• Cross-device matching: To determine if users have interacted with content across multiple devices and to match such devices, we work with partners who analyse device activity data and/or rely on your information (including demographic, geographic and interest-based data). To supplement this analysis, we also provide de-identified data to these partners. Based on this data, we may then display targeted advertisements across devices that we believe are associated or use this data to further analyse usage of Services across devices.
• We may share your Personal Information with the insurance provider you identify to us (and do so via our partners) to determine eligibility and cost-sharing obligations, or otherwise obtain benefit plan and other insurance-related information on your behalf.
• Business transfers: We may transfer your Personal Information to another company in connection with a proposed merger, sale, acquisition or other change of ownership or control by or of Hero (whether in whole or in part). Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices.
• Public information and submissions: You agree that any information that you may reveal in a review posting, online discussion or forum is intended for the public and is not in any way private. Carefully consider whether to disclose any Personal Information in any public posting or forum. Your submissions may be seen and/or collected by third parties and may be used by others in ways we are unable to control or predict.
• Protection of Hero and others: We also may need to disclose your Personal Information or any other information we collect about you if we determine in good faith that such disclosure is needed to: (1) comply with or fulfil our obligations under applicable law, regulation, court order or other legal process; (2) protect the rights, property or safety of you, Hero or another party; (3) enforce the Agreement or other agreements with you; or (4) respond to claims that any posting or other content violates third-party rights.
• Other information: We may disclose information that is neither Personal Information nor PHI (including non-PHI Personal Information that has been de-identified and/or aggregated) at our discretion.

8. Storage and security of information

The security of your Personal Information is important to us. We endeavour to follow generally accepted industry standards to protect the Personal Information submitted to us, both during transmission and in storage. For example, when you enter sensitive information on our Site, we encrypt that information using Secure Socket Layer (SSL) technology.

We store and process your information on our servers in the United States and abroad. We maintain industry-standard backup and archival systems.

Your account is protected by a password for your privacy and security. If you access your account via a third-party site or service, you may have additional or different sign-on protections via that third-party site or service. You must prevent unauthorised access to your account and Personal Information by selecting and protecting your password and/or other sign-on mechanism appropriately, and limiting access to your computer or device and browser by signing off after you have finished accessing your account.

Although we make good-faith efforts to store Personal Information in a secure operating environment that is not open to the public, we do not and cannot guarantee the security of your Personal Information. If at any time during or after our relationship we believe that the security of your Personal Information may have been compromised, we may seek to notify you of that development. If a notification is appropriate, we will endeavour to notify you as promptly as possible under the circumstances.  If we have your e-mail address, we may notify you by e-mail to the most recent e-mail address you have provided us in your account profile. Please keep your e-mail address in your account up to date. You can update that e-mail address anytime. If you receive a notice from us, you can print it to retain a copy of it. To receive these notices, you must check your e-mail account using your computer or mobile device and email application software. You consent to our use of e-mail as a means of such notification. If you prefer for us to use the UK postal service to notify you in this situation, please e-mail us at notifications@herodoctors.co.uk. Please include your address when you submit your request. You can make this election any time, and it will apply to notifications we make after a reasonable time thereafter for us to process your request. You may also use this e-mail address to request a print copy, at no charge, of an electronic notice we have sent to you regarding a compromise of your Personal Information.

9. Your choices

You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our features.

If you are a registered user of the Services, you can modify certain Personal Information or account information by logging in and accessing your account. The information you can view, update, and delete may change as the Services change.

If you wish to close your account, please email us at notifications@herodoctors.co.uk. Hero will use reasonable efforts to promptly delete your account and the related information. Please note, however, that Hero reserves the right to retain information from closed accounts, including to comply with law, prevent fraud, resolve disputes, enforce the Agreement and take other actions permitted by law.

You must promptly notify us if any of your account data is lost, stolen or used without permission

10. How long we retain your information

We retain Personal Information about you for as long as you have an open account with us or as otherwise necessary to provide you Services. In some cases we retain Personal Information for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, prevent fraud, enforce the Agreement, or as otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some information in a depersonalised or aggregated form but not in a way that would identify you personally.

11. Information provided on behalf of children and others

As noted in the Terms of Use, the Services are not intended for use by children and children under the age of 13 are prohibited from using the Services. Hero does not knowingly collect any information from children, nor are the Services directed to children. If you are under 13, please do not attempt to register for the Services or send any Personal Information about yourself to us.

By accessing, using and/or submitting information to or through the Services, you represent that you are not younger than age 13. If we learn that we have received any information directly from a child under age 13 without his/her parent’s written consent, we will use that information only to respond directly to that child (or his/her parent or legal guardian) to inform the child that he/she cannot use the Services, and we will subsequently delete that information. If you believe that a child under 13 may have provided us Personal Information, please contact us at notifications@herodoctors.co.uk.

If you are between age 13 and the age of majority in your place of residence, you may use the Services only with the consent of or under the supervision of your parent or legal guardian. If you are a parent or legal guardian of a minor child, you may, in compliance with the Agreement, use the Services on behalf of such minor child. Any information that you provide us while using the Services on behalf of your minor child will be treated as Personal Information as otherwise provided herein.

If you use the Services on behalf of another person, regardless of age, you agree that Hero may contact you for any communication made in connection with providing the Services or any legally required communications. You further agree to forward or share any such communication with any person for whom you are using the Services on behalf.

12. Other web services

The Services contain links to or embedded content from third-party web services. A link to or embedded content from a non-Hero web service does not mean that we endorse that web service, the quality or accuracy of information presented on the non-Hero web service or the persons or entities associated with the non-Hero web service. If you decide to visit a third-party web service, you are subject to the privacy policy of the third-party web service as applicable and we are not responsible for the policies and practices of the third-party web service. We encourage you to ask questions before you disclose your information to others.

You may have arrived at the Services from, or began your use of the Services at, a third-party web service, including a third-party web service that links to Hero or embeds Hero’s content. The presence of such links or content on third-party web services does not mean that we endorse that web service, the quality or accuracy of information presented on the non-Hero web service or the persons or entities associated with the non-Hero web service. You may be subject to the privacy policy of the third-party web service as applicable and we are not responsible for the policies and practices of the third-party web services. In addition, the policies and practices of third parties do not apply to your information, including Personal Information, obtained pursuant to this Privacy Policy.

13. Updates and changes to privacy policy

The effective date of this Privacy Policy is set forth at the bottom of this webpage. We will notify you of any material change by posting notice on this webpage. Your continued use of the Services after the effective date constitutes your acceptance of the amended Privacy Policy. We encourage you to periodically review this page for the latest information on our privacy practices. Any amended Privacy Policy supersedes all previous versions. IF YOU DO NOT AGREE TO FUTURE CHANGES TO THIS PRIVACY POLICY, YOU MUST STOP USING THE SERVICES AFTER THE EFFECTIVE DATE OF SUCH CHANGES.

Access to information

Legislation gives you the right to access information held about you. Further information can be found here http://www.legislation.gov.uk/ukpga/2000/36/contents

Access requests will incur a fee to meet our costs in providing you with the details of information we hold about you

How to contact us

By letter: Privacy Officer Hero Health, 3rd Floor Mayfield House, 256 Banbury Road, Oxford OX2 7DE

By email: notifications@herohealth.net

By phone: 01865 423 425

Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them see our cookie policy

Last updated on 16th September, 2019