Information about Joy

About
How it works
Privacy policy
Terms of use
Privacy policy

Joy Privacy Policy for Individuals

INTRODUCTION  

This policy is designed to be simple, and clear to understand without the usual jargon included – within the document you will find out what information we collect, how we use it and what your rights and choices are relating to your personal data, this privacy policy is written in line with the EU GDPR and UK DPA 2018. 

STATEMENT 

Pungo limited is based within the United Kingdom, and as such is registered with the Information Commissioner’s Office (ICO) as a Data Processor under the UK Data Protection Act of 2018, reference ZA658349. 

PERSONAL DATA 

Personal data is provided to us via the following avenues; 

Personal details 

·         When you register with us or make a booking, the following details are collected – Name, DOB, phone number, postcode and email address.

·         Facebook sign up will capture details associated with your account including name, DOB, phone number, postcode and email address.

YOUR RIGHTS 

As per the Data Protection Act and refined by the General Data Protection Regulation, you have multiple rights which can be exercised. This includes; 

·         requesting a copy of your personal data that we hold 

·         updating the personal data that we hold in order to keep your data accurate 

·         the ability to provide your data in a commonly used format for transfer elsewhere 

·         updating your consent and objecting to direct marketing and; 

·         requesting that your data is erased (we will always do this unless we have a valid reason. If your data cannot be deleted, we will provide you with the justification.) 

If we do not address your request or fail to provide you with a valid reason why it is unable to do so, you have the right to contact the Information Commissioner’s Office to make a compliant. They can be contacted via www.ico.org.uk or by telephone on 0303 123 1113. 

DECLARATION OF SHARING 

We use third party solutions for the hosting of our website and application (mobile and web), including analytics to better our service and provide the best experience. 

Our website is hosted with WordPress and our app we host within Amazon Web Services (AWS) but we have reviewed this from a security and privacy perspective and have proceeded on the basis that it meets our requirements. We ensure that we carry out data minimisation to capture the minimal amount of information through this route.

Services 

As part of the Joyapp we provide you with a list of services which can be used as referrals for your patients, we have carried out baseline reviews against the services as part of our obligations as a data processor to ensure there is a level of security.

RETENTION PERIOD 

We will hold your data for the duration of service plus three years. The reason for the extra three-year period is in the case of being re-referred, you can choose to have all data immediately deleted upon request. 

CHILDREN'S DATA 

If you are using Joy’s services for the purpose of processing a child's data, you must ensure that you have the appropriate processes, procedures and protections in place for doing so. If a child has used this website without parental consent, please contact dataprotection@explorejoy.co.uk for rectification. 

COOKIES 

Cookies are small text files which are transferred from our websites, applications or services and stored on your device. 

We have ensured that we use the absolute minimum and have only one cookie in use on the website – you can edit your cookie settings with the cookie banner when you access this website.

EXTERNAL LINKS 

Throughout the website we may provide links to external parties and partners for further information and content. Whilst we take every precaution to ensure that your time on this website is safe and secure, Pungo Limited cannot guarantee the security of third-party sites and must advise that the usual internet safety precautions should be used. 

REVIEW, UPDATES AND CONTACT 

If you have any questions about this Privacy Policy, would like to exercise any of your rights, or to make a complaint, please write to: 

dataprotection@explorejoy.co.uk 

This policy will be updated regularly and was last reviewed on 18/11/2020 

Joy Privacy Policy for Clinicians/professionals and Service operators

INTRODUCTION  

This policy is designed to be simple, and clear to understand without the usual jargon included – within the document you will find out what information we collect, how we use it and what your rights and choices are relating to your personal data, this privacy policy is written in line with the EU GDPR and UK DPA 2018. 

STATEMENT 

Pungo limited is based within the United Kingdom, and as such is registered with the Information Commissioner’s Office (ICO) as a Data Processor under the UK Data Protection Act of 2018, reference ZA658349. 

PERSONAL DATA 

Personal data is provided to us via the following avenues; 

Personal details 

·         When you, the clinician/professional, register with us we will process your name, your employer, job title and your contact details.

Your patient's personal details

·         When making a referral the following patient details are collected – Name, DOB, contact details, NHS number and gender. 

·         In addition to this, you may choose to provide us with the health and medical information of your patient, if you’ve obtained the relevant explicit consent. For example, you may wish to include health and sensitive information such as symptoms, treatments, medications, referrals, allergies and ethnicity.  

·         When choosing to provide this information, we require explicit consent before doing so.

Note - When patient data is involved, Joy is the data processor and you are the controller and are required to have your own processes in place for ensuring that you are capturing and processing personal data in a compliant manner. Joy has features within it to help you meet compliance, such as consent capturing.

Service information 

·         You may list a service on the Joy platform such as an activity or class. Details of that information such as contact details for the service are stored securely within our database. 

YOUR RIGHTS 

As per the Data Protection Act and refined by the General Data Protection Regulation, you have multiple rights which can be exercised. This includes; 

·         requesting a copy of your personal data that we hold 

·         updating the personal data that we hold in order to keep your data accurate 

·         the ability to provide your data in a commonly used format for transfer elsewhere 

·         updating your consent and objecting to direct marketing and; 

·         requesting that your data is erased (we will always do this unless we have a valid reason. If your data cannot be deleted, we will provide you with the justification.) 

If we do not address your request or fail to provide you with a valid reason why it is unable to do so, you have the right to contact the Information Commissioner’s Office to make a compliant. They can be contacted via www.ico.org.uk or by telephone on 0303 123 1113. 

DECLARATION OF SHARING 

We use third party solutions for the hosting of our website and application (mobile and web), including analytics to better our service and provide the best experience. 

Our website is hosted with WordPress and our app we host within Amazon Web Services (AWS) but we have reviewed this from a security and privacy perspective and have proceeded on the basis that it meets our requirements. We ensure that we carry out data minimisation to capture the minimal amount of information through this route.

Services 

As part of the Joyapp we provide you with a list of services which can be used as referrals for your patients, we have carried out baseline reviews against the services as part of our obligations as a data processor to ensure there is a level of security.

RETENTION PERIOD 

We will hold your data for the duration of service or until you delete the data. When you choose to delete the data it will permanently be deleted upon request. 

CHILDREN'S DATA 

If you are using Joy’s services for the purpose of processing a child's data, you must ensure that you have the appropriate processes, procedures and protections in place for doing so. If a child has used this website without parental consent, please contact dataprotection@explorejoy.co.uk for rectification. 

COOKIES 

Cookies are small text files which are transferred from our websites, applications or services and stored on your device. 

We have ensured that we use the absolute minimum and have only one cookie in use on the website – you can edit your cookie settings with the cookie banner when you access this website.

EXTERNAL LINKS 

Throughout the website we may provide links to external parties and partners for further information and content. Whilst we take every precaution to ensure that your time on this website is safe and secure, Pungo Limited cannot guarantee the security of third-party sites and must advise that the usual internet safety precautions should be used. 

REVIEW, UPDATES AND CONTACT 

If you have any questions about this Privacy Policy, would like to exercise any of your rights, or to make a complaint, please write to: 

dataprotection@explorejoy.co.uk 

This policy will be updated regularly and was last reviewed on 18/11/2020