Syncare takes data privacy and security very seriously. We take all usual technical measures to prevent unauthorized access to your data on our servers. All data sent by users is encrypted and only readable by the device of each receiver, no other party including Syncare, can decrypt any of this data. We will never sell or provide your personal data to third parties without your consent, other than required by law.
Technology Hubz ltd, trading as Syncare (“us”, “we”, or “our”) is the data controller and operates the Syncare mobile application (the “Service”) and www.syncarehq.com website.
We are a company registered in England and Wales with the company registration number 13498430. Our registered office is 71-75 SHELTON STREET, COVENT GARDEN, LONDON, WC2H 9JQ.
You can contact Syncare:
Providing personal data is never compulsory. You can always decide whether or not to provide personal data. However, in order to be able to make use of a number of our services the provision of personal data is necessary. If we ask for the input of personal data, we will indicate which data are necessary to make use of the service and therefore must be provided, and which data can be provided optionally.
When we provide our products and services we may process your personal data. This could include the following personal data:
We will not retain your Personal Data for longer than is necessary under the principle of data minimisation. User account details are stored for the duration of you maintaining an account. We will only retain your personal data for as long as it is required to fulfill the original purpose for which it was collected, including the purposes of satisfying any legal, accounting, or reporting requirements.
Messages are end-2-end encrypted. To prevent eavesdropping by third parties (e.g. in open wireless LANs), header information of messages (sender, recipient etc.) is protected by industry standard transport layer security for transmission to the server, and from the server to the recipient.
Although messages are securely sent and received through the Service, it is in all cases and always the user’s responsibility to determine if the receiver(s) is/are authorised to receive any possibly privacy sensitive information, like for example medical information that is reducible to a specific patient. Users are therefore responsible and liable for information they send to other users. Syncare cannot be held responsible or liable for any privacy sensitive information sent through the Service by users without the required authorization.
Your personal data may be processed for the following purposes:
Your personal data will not be used for purposes other than those listed above.
We may process personal data because we have a legitimate interest in doing so. This means that we are allowed to process personal data if such processing is necessary for our business activities, as long as your privacy does not override that interest. We may also process personal data because it is necessary for a contract we have with you, or to comply with legal obligations. In those cases in which we need your consent for processing we will not process that personal data until we have obtained your consent, and we will discontinue processing that data in case you withdraw your consent.
The data that is processed by us as a result of your use of our App will not be transferred outside the European Economic Area (“EEA”).
The data that we collect from you via the website may be transferred to, and stored at, a destination outside the EEA. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers for example of email marketing services. By submitting your personal data, you agree to this transfer, storing or processing.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and US. For further details, see European Commission: EU-US Privacy Shield.
Under the General Data Protection Regulation (GDPR), data subjects whose data is processed by Syncare are entitled to exercise certain rights against their personal data. These rights are designed to put Data Subjects in the driving seat when it comes to how their personal data is handled by organizations.
Syncare is obliged to ensure that any communications regarding our data processing activities between ourselves and any Data Subjects is provided is a clear and transparent manner. This is provided by this Privacy Notice.
As per GMC requirements for doctors and other health professionals that patient records should be clear, accurate and legible. Syncare users are responsible for ensuring that patient demographics are correct to avoid misidentification of patients. Syncare is not designed as a replacement for written or electronic patient records and any information recorded on the platform should therefore be duplicated in the official patient record.
Syncare functionality allows sharing photographs. Consent should always be sought and confirmed before taking a photograph of a patient, and the health professional should explain its purpose and with whom it will be shared. This consent, and the intended use of the photograph should be obtained and formally documented in line with the clinician’s local guidance. Users must note that the quality of photographs taken within Syncare will depend upon the device, and will not necessarily meet required quality for diagnostic imaging or medical photography. Photographs taken within Syncare should not be used as a substitute for these, but as an adjunct to clinical discussion only.
Where possible, we have tried to ensure that users will not breach guidelines around Information Governance by using Syncare. These precautions include disabling some copy and screenshot functionalities and storing data on secure cloud based servers. Users themselves have a responsibility to understand the need to not attempt to copy or store Patient Identifiable Data on their personal devices.
It is assumed that Syncare users will have completed basic Information Governance training in accordance with mandatory training requirements in healthcare. It is the responsibility of the individual and of the organisation to ensure this is valid and up to date.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites
Cookies are small text files that are stored by your browser. Below we briefly explain what cookies we use and do not use for our website, and what their purpose is.
Functional cookies store simple anonymised data to allow functions such as login on the website to work properly.
Analytical cookies collect statistics of the users of the website, to enable us to constantly improve your user experience. These cookies do not directly impact the user experience and many browsers provide a mechanism to opt out of them. If you want to block cookies, adjust your browser settings.
Cross Site/Domain cookies are used for identifying a user across multiple websites for tracking purposes. Syncare may receive these cookies from third party websites to determine how users arrived on our website.
However, our website does not place these types of cookies on the computer of users to track them after they have left the Syncare website.
You can delete cookies that are already installed. How to adjust your settings varies by browser. Please consult the help function of your browser.
We have taken appropriate technical and organisational measures to protect your personal data against loss or any form of unlawful processing. We will not retain or keep your data longer than allowed by law, required by law and/or necessary for the purposes for which the data are processed. The retention period therefore depends on the nature of the data and the purposes for which the data is processed. Retention periods may vary accordingly.
You have the right to know which personal data we keep regarding you, to inspect such data, and to request rectification or erasure. You also have the right to request restriction of processing or to object to processing, as well as the right to data portability. You can send an email or a letter to our Data Protection Officer with your name and contact information to email@example.com or to Syncare, Privacy Department, 71-75 SHELTON STREET, COVENT GARDEN, LONDON, WC2H 9JQ. In your request, please specify as much as possible which personal data you refer to. In general, we will respond within four weeks to a request for inspection or correction. In case of a deletion request we will delete the personal data as soon as possible, unless and to the extent that the law requires us to keep the personal data or if there are other compelling reasons to oppose removal. After the execution of a deletion request we will send you a message of confirmation. If the personal data is (partially) not deleted, we will send you a message in which we explain why your request could not (fully) be met. If we cannot identify which personal data are meant by a request for inspection, correction or deletion, we may ask you to specify your request in more detail. We suspend the execution of the request until you have provided us with such detailed specification.
You always have the right to lodge a complaint with the supervisory privacy authority in your country of residence or in the United kingdom.
3rd October 2021