Privacy Policy for Caros Connect

Last updated: 30th November 2018

Our privacy policy is here to help you understand what information Caros Connect Limited (“us”, “we”, or “our”) collects about users of our website and of any mobile application made available by us (together, the “Service”). This privacy policy explains how we store, protect and use that information, how and when we may need to disclose that information, what your rights are and the choices you can make.

We will not use or share your information with anyone except as described in this privacy policy. We will never sell your data to third parties.

Unless otherwise defined in this privacy policy, terms used in this privacy policy have the same meanings as in our Terms of Use.

Who we are

Caros Connect is registered with Companies House as Caros Connect Limited.

Our website address is www.carosconnect.com

Our registered business address is 860-862 Garratt Lane, London, England, SW170NB, UK.

Help is available via email through support@carosconnect.com

Nominated representative: Amer Fasihi

ICO registration: ZA201594

Regarding your personal data, we act as both data controller and processor.

Types of data we collect

Users of the service

We may collect and process the following data about you: name, email, country, health readings that you record on devices or upload to your online profile (including blood pressure, activity levels and weight), any information about you that you enter in messages and any information about you that other users enter in messages.

We use this information to provide the Service to you, identify you when you use the Service, to send you login details and to notify you about changes to the Service

Contacts

We may collect personal information from individuals who contact us via email. This will include name and contact details, including email address.

We will use this information to answer any questions that you send us and now and again to check that you’re happy.

Communications

We may use your personal information to contact you with important communications about Caros Connect, marketing or promotional materials and other information that may be of interest to you.

Third Parties

We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Service related services or to assist us in analysing how our Service is used.

We may share your personal data (including health information) with individuals that you invite to your care network (“Supporters”), e.g. your family, friends, doctor etc. By issuing invitations to individuals to become Supporters you give us express permission to share all information and data stored in your profile with them. They will see all of the information that you have uploaded to your online profile. Some of this information may be highly sensitive so please consider carefully who you wish to share it with. You can remove Supporters from your network at any time so that they may no longer view your personal information.

Data may be shared with our application support service providers E-Team (based in Karachi, Pakistan) for reasons including to resolve issues for users such as being unable to log-in, or other profile related issues as they may arise. For more information, please see their privacy policy.

Our servers and hosting support are provided by 1&1 Internet, which is a company based in the UK. For more information, please see their privacy policy.

Caros Connect will only transfer data outside of the European Economic Area or EEA where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data.

Compliance with Laws

We will disclose your Personal Information where required to do so by law, or in accordance with an order of a court of competent jurisdiction, or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement, or to protect the security or integrity of our Service.

Legal Basis for Data Processing

For all individuals, we rely on separate, explicit consent for direct marketing.

You can withdraw your consent for further processing, fully or for certain purposes at any time by emailing support@carosconnect.com . Details are found further down this page.

In some cases, the collection of personal data may be a statutory or contractual requirement, and we will be limited in the services we can provide you if you don’t provide your personal data in these cases. Therefore, it is important to note that withdrawing consent may affect the services we are able to offer you. We may need to continue to process data relating to your request to withdraw consent.

Users of the Service

We process your data, that is your name, email and any additional personal information you send us, on the basis of section 6(1)(a) of GDPR, explicit consent. Users provide explicit consent when signing up by ticking to accept this privacy policy.

Non-disclosure of Personal Identifiable Data

We will not sell, share, or otherwise distribute Personal Identifiable Data to third parties except as provided in this Privacy Policy.

This policy is not intended to place any limits on what we do with data that is aggregated and/or de-identified so it is no longer associated with an identifiable user.

Your Rights

This privacy policy does not impact upon your rights as a data subject under current data protection law.

You have the right to:

  • request access to, deletion of or correction of, your personal data held by us at no cost to you;
  • request that your personal data be transferred to another person (data portability);
  • be informed of what data processing is taking place;
  • restrict processing;
  • object to processing of your personal data; and
  • lodge a complaint with the ICO as our supervisory authority.

You also have rights with respect to automated decision-making and profiling.

A subject access request (SAR) can be made via email to support@carosconnect.com or via post to the address listed above.

Disclosing Your Information

If Caros Connect is involved in a merger, acquisition or asset sale, your personal information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy. In the event of such a transfer of information, your rights under the Data Protection Act 2018, EU GDPR, and other relevant privacy laws are not affected.

We can disclose your information if we have a legal obligation to do so, or in order to protect other people’s property, safety or rights.

We can exchange information with others to protect against fraud or credit risks.

Links to Other Sites

Our website may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the privacy policy of every site that you visit.

We have no control over, and assume no responsibility for the content of, privacy policies or practices of any third party sites or services.

Children’s Privacy

Caros Connect does not address anyone under the age of 13 (“Children”).

We do not knowingly collect personally identifiable information from Children under 13. If you are a parent or guardian and you are aware that your Children have provided us with personal information, please contact us. If we become aware that we have collected personal information from a child under age 13 without verification of parental consent, we will remove that information from our servers with immediate effect.

Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

Jurisdiction

This Policy shall be governed and construed in accordance with the laws of England and Wales, without regard to its conflict of law provisions.

Contact Us

If you have any questions about this privacy policy, please contact us at support@carosconnect.com

This privacy policy is available via our website or upon request.