This policy is designed to be simple, and clear to understand without the
usual jargon included – within the document you will find out what information
we collect, how we use it and what your rights and choices are relating to your
personal data, this privacy policy is written in line with the EU GDPR and UK
DPA 2018.
STATEMENT
Pungo limited is based within the United Kingdom, and as such is
registered with the Information Commissioner’s Office (ICO) as a
Data Processor under the UK Data Protection Act of 2018, reference
ZA658349.
PERSONAL DATA
Personal data is provided to us via the following avenues;
Personal details
·
When you register with us or make a booking, the
following details are collected – Name, DOB, phone number, postcode and email
address.
·
Facebook sign up will capture details associated
with your account including name, DOB, phone number, postcode and email
address.
YOUR RIGHTS
As per the Data Protection Act and refined by the General Data Protection
Regulation, you have multiple rights which can be exercised. This
includes;
·
requesting a copy of your personal data that we
hold
·
updating the personal data that we hold in order
to keep your data accurate
·
the ability to provide your data in a commonly
used format for transfer elsewhere
·
updating your consent and objecting to direct
marketing and;
·
requesting that your data is erased (we will
always do this unless we have a valid reason. If your data cannot be deleted,
we will provide you with the justification.)
If we do not address your request or fail to provide you with a valid reason
why it is unable to do so, you have the right to contact the Information
Commissioner’s Office to make a compliant. They can be contacted via www.ico.org.uk or by telephone on 0303 123
1113.
DECLARATION OF SHARING
We use third party solutions for the hosting of our website and application
(mobile and web), including analytics to better our service and provide the
best experience.
Our website is hosted with WordPress and our app we host within Amazon
Web Services (AWS) but we have reviewed this from a security and privacy
perspective and have proceeded on the basis that it meets our requirements. We
ensure that we carry out data minimisation to capture the minimal amount of
information through this route.
Services
As part of the Joyapp we provide you with a list of services which can be
used as referrals for your patients, we have carried out baseline reviews
against the services as part of our obligations as a data processor to ensure
there is a level of security.
RETENTION PERIOD
We will hold your data for the duration of service plus three years. The
reason for the extra three-year period is in the case of
being re-referred, you can choose to have all data immediately deleted
upon request.
CHILDREN'S DATA
If you are using Joy’s services for the purpose of processing a child's
data, you must ensure that you have the appropriate processes, procedures and
protections in place for doing so. If a child has used this website without
parental consent, please contact dataprotection@explorejoy.co.uk
for rectification.
COOKIES
Cookies are small text files which are transferred from our websites,
applications or services and stored on your device.
We have ensured that we use the absolute minimum and have only one cookie in
use on the website – you can edit your cookie settings with the cookie banner
when you access this website.
EXTERNAL LINKS
Throughout the website we may provide links to external parties and partners
for further information and content. Whilst we take every precaution to ensure
that your time on this website is safe and secure, Pungo Limited
cannot guarantee the security of third-party sites and must advise
that the usual internet safety precautions should be used.
REVIEW, UPDATES AND CONTACT
If you have any questions about this Privacy Policy, would like to exercise
any of your rights, or to make a complaint, please write to:
This policy will be updated regularly and was last reviewed on
18/11/2020
Joy Privacy Policy
for Clinicians/professionals and Service operators
INTRODUCTION
This policy is designed to be simple, and clear to understand without the usual
jargon included – within the document you will find out what information we
collect, how we use it and what your rights and choices are relating to your
personal data, this privacy policy is written in line with the EU GDPR and UK
DPA 2018.
STATEMENT
Pungo limited is based within the United Kingdom, and as such is
registered with the Information Commissioner’s Office (ICO) as a
Data Processor under the UK Data Protection Act of 2018, reference
ZA658349.
PERSONAL DATA
Personal data is provided to us via the following avenues;
Personal details
·
When you, the clinician/professional, register with us we
will process your name, your employer, job title and your contact details.
Your patient's personal details
·
When making a referral the following patient
details are collected – Name, DOB, contact details, NHS number and
gender.
·
In addition to this, you may choose to provide
us with the health and medical information of your patient, if you’ve obtained
the relevant explicit consent. For example, you may wish to include health and
sensitive information such as symptoms, treatments, medications, referrals,
allergies and ethnicity.
·
When choosing to provide this information, we
require explicit consent before doing so.
Note - When patient data is involved, Joy is the data processor and you
are the controller and are required to have your own processes in place for
ensuring that you are capturing and processing personal data in a compliant
manner. Joy has features within it to help you meet compliance, such as consent
capturing.
Service information
·
You may list a service on the Joy platform such
as an activity or class. Details of that information such as contact details
for the service are stored securely within our database.
YOUR RIGHTS
As per the Data Protection Act and refined by the General Data Protection
Regulation, you have multiple rights which can be exercised. This
includes;
·
requesting a copy of your personal data that we
hold
·
updating the personal data that we hold in order
to keep your data accurate
·
the ability to provide your data in a commonly
used format for transfer elsewhere
·
updating your consent and objecting to direct
marketing and;
·
requesting that your data is erased (we will
always do this unless we have a valid reason. If your data cannot be deleted,
we will provide you with the justification.)
If we do not address your request or fail to provide you with a valid reason
why it is unable to do so, you have the right to contact the Information
Commissioner’s Office to make a compliant. They can be contacted via www.ico.org.uk or by telephone on 0303 123
1113.
DECLARATION OF SHARING
We use third party solutions for the hosting of our website and application
(mobile and web), including analytics to better our service and provide the
best experience.
Our website is hosted with WordPress and our app we host within Amazon
Web Services (AWS) but we have reviewed this from a security and privacy perspective
and have proceeded on the basis that it meets our requirements. We ensure that
we carry out data minimisation to capture the minimal amount of information
through this route.
Services
As part of the Joyapp we provide you with a list of services which can be
used as referrals for your patients, we have carried out baseline reviews
against the services as part of our obligations as a data processor to ensure
there is a level of security.
RETENTION PERIOD
We will hold your data for the duration of service or until you delete the data. When you choose to delete the data it will permanently be deleted upon request.
CHILDREN'S DATA
If you are using Joy’s services for the purpose of processing a child's
data, you must ensure that you have the appropriate processes, procedures and
protections in place for doing so. If a child has used this website without
parental consent, please contact dataprotection@explorejoy.co.uk
for rectification.
COOKIES
Cookies are small text files which are transferred from our websites,
applications or services and stored on your device.
We have ensured that we use the absolute minimum and have only one cookie in
use on the website – you can edit your cookie settings with the cookie banner
when you access this website.
EXTERNAL LINKS
Throughout the website we may provide links to external parties and partners
for further information and content. Whilst we take every precaution to ensure
that your time on this website is safe and secure, Pungo Limited
cannot guarantee the security of third-party sites and must advise
that the usual internet safety precautions should be used.
REVIEW, UPDATES AND CONTACT
If you have any questions about this Privacy Policy, would like to exercise
any of your rights, or to make a complaint, please write to: