1. Important information and who we are
Shelford Capital Ltd (Eleven Health), having its registered office at 19 Abbots Business Park, Primrose Hill, Kings Langley, Hertfordshire, United Kingdom, WD4 8FR trading at 39th Floor One Canada Square, Canary Wharf, London, England, E14 5AB (company number 11365821) (“Eleven Health”).
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us. See below for contact details.
2. The data we collect about you
Personal data, or personal information, means any information about a living individual from which that person can be identified. It does not include data where the identity has been completely removed and the data therefore cannot be re-identified (anonymous data). Data protection law does not apply to data that has been anonymised.
We may collect, use, store and transfer different kinds of personal data about you. We have grouped together those categories of data as follows:
- Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data includes billing address, delivery address, email address and telephone numbers.
- Financial Data includes bank account and payment card details.
- Transaction Data includes details about payments to and from you and other details of products and services you have purchased / received from us.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Website.
- Platform Data includes information about your visit (such as when you first used the Platform and when you last used it, and the total number of sessions you have had on that Platform), including products and services you viewed or used, Platform response times and updates, interaction information (such as button presses or the times and frequency of your interactions with the communications we deliver to you in the Platform or otherwise) and any phone number used to call our customer service number.
- Profile Data includes your username and password, orders made by you, your interests, preferences, feedback and survey responses.
- Usage Data includes information about how you use our Website, products and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
- Health and Medical Data includes information about your health, symptoms, treatments, consultations, medications, and procedures. This includes details of your consultations with your GP, hospital appointments, and interactions with our digital services. We may also collect hospital data from Electronic Medical Records (EMR) (including Inpatient, Outpatient, Emergency Department, Pathology, Radiology and Pharmacy information), genetic information about the specific disease type that we are currently monitoring or researching, patient reported condition information (including physiological and mental wellbeing), genetic output, and Biometric data.
We get some of this information directly from you, when you register with us and when you use our services. We will receive your medical history from your GP / healthcare provider in accordance with the consent form that you provide. We will also collect some of this information from wearable devices and linked mobile phone health applications.
The purposes for which we intend to use the data we collect from you can be found in Section 5 below. Please also see the Annex for additional details about how and why Eleven Health uses some of your Health and Medical data.
We also collect, use and share aggregated data. This means grouping deidentified patient data used for research purposes. We are committed to ensuring that all best endeavours are taken to protect patients’ identifiable data. However, we cannot always guarantee that some specific patient characteristic would not allow for patients to be identified in a research environment. Some of our research focuses on the use of statistical or demographic data, for which use cases extend to rare and common diseases.
We may also hold information about you and your health from other apps, devices and services where you have given your consent to that data being shared with us. Examples include where you decide to share information with our Platform which has been collected from a smart watch or similar device.
IF YOU FAIL TO PROVIDE PERSONAL DATA
Where we need to collect personal data under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
We are committed to protecting the privacy of children as well as adults. A parent or guardian of a child may provide information related to their child. The parent or guardian assumes full responsibility for ensuring that the information that they provide is accurate.
4. How is your personal data collected?
We use different methods to collect data from and about you including through:
- Direct interactions. You may give us your Identity, Contact, Health and Medical and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- apply for our products or services;
- create an account on our Platform;
- use our Platform;
- subscribe to our service or publications; or
- give us feedback or contact us.
- Third parties or publicly available sources. We will receive personal data about you from various third parties as set out below:
- Technical Data from the following parties: analytics providers.
- Health and Medical data from the following parties:
- Treatment centres;
- Community pharmacy; and/or
- 23andMe / genomic kits.
5. How we use your personal data
We will only use your personal data when we have a lawful basis for doing so. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into, or have entered into, with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we have your explicit consent to process your special category personal data.
To find out more about the types of lawful basis that we will rely on to process your personal data please see the Glossary at Section 11 below.
We will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
Our patient consent process involves all patients agreeing to the processing and use of their personal data as part of the Eleven Health programme. Our patient consent process normally involves a Data Subject Access Request, which allows us to process and work with your personal data to provide you with visibility of your own data and records whilst supporting research.
PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA
We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.
|Purpose / Activity||Type(s) of data||Lawful basis for processing including basis of legitimate interest (if applicable)|
|To register you as a new customer / create an Eleven Health account||
Performance of a contract with you
To process and deliver your order including:
(a) Manage payments, fees and charges
(b) Collect and recover money owed to us
Marketing and Communications Data
Performance of a contract with you
Necessary for our legitimate interests (to recover debts due to us)
To manage our relationship with you which will include:
(b) Asking you to leave a review or take a survey
Marketing and Communications Data
Performance of a contract with you
Necessary to comply with a legal obligation
Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
|To administer and protect our business and the Platform and Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||
Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
Necessary to comply with a legal obligation
|To deliver relevant Website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you||
Marketing and Communications Data
|Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)|
|To use data analytics to improve our Website, products/services, marketing, customer relationships and experiences||
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our Website updated and relevant, to develop our business and to inform our marketing strategy)
|To make suggestions and recommendations to you about goods or services that may be of interest to you||
Marketing and Communications Data
Necessary for our legitimate interests (to develop our products/services and grow our business)
|To provide insights and recommendations relating to your health and wellbeing (including ensuring that you are able to receive appropriate personalised support from the Platform)||
Health and Medical Data
Performance of a contract with you
|To provide insights to your clinicians relating to your medical history and wellbeing||
Health and Medical Data
Performance of a contract with you
PROMOTIONAL OFFERS FROM US THIRD-PARTY / MARKETING / OPTING OUT
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.
You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and you have not opted out of receiving that marketing.
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
You can ask us or third parties to stop sending you marketing messages at any time by logging into the Website or Platform and checking or unchecking relevant boxes to adjust your marketing preferences or by following the opt-out links on any marketing message sent to you or by contacting us at any time.
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of product/service experience or other transactions.
CHANGE OF PURPOSE
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules.
6. Disclosures of your personal data
We may share your personal data with the types of parties set out below for the purposes set out in the table above.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
7. Data Security and Data Transfer
We have put in place appropriate technical and organisational security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any actual or suspected personal data breach and will notify you and/or any applicable regulator of a breach where we are legally required to do so.
No patient identifiable data is transferred outside of the UK. Only aggregated research data is managed on other servers.
We operate under strict security certifications and compliances. Our team continuously strives to work with and adopt new technology to provide valuable insights to our various client base, and protection of the sensitive data we process is important. As such, we are compliant with the following:
- ISO 27001
- Cyber Essentials
- Data Security and Protection Toolkit
- Cyber Security Centre Web Checker.
Eleven Health, alongside our IT partners, are committed to complying with data protection legislation and industry standards. As such, we work closely together to keep you and your data safe in the following areas:
- System access levels and user authentication controls;
- System auditing functionality and procedures;
- Operating system controls such as vulnerability scanning and anti-virus/anti-malware software;
- Network security such as firewalls and penetration testing; and
- Encryption of special category personal data.
Our current process focuses on ensuring that there are strong levels of patient de-identification across the entire Platform and Eleven Health programme as a means of protecting the identity of patients who have joined Eleven Health, as well as a means of insulating these patients from any potential cyber security issues during the programme or in the future. As part of the process, we take steps to ensure that we are compliant with all penetration testing protocols to ensure the protection of patients and their data – this remains the highest priority of Eleven Health.
Data transfer and storage is managed by the data teams at Eleven Health, Draper & Dash and Clevacloud, the resulting infrastructure comprised of an Internet of Things (IOT), referring to a system of interlinked and internet-connected devices able to collect and transfer data in an automated fashion over a wireless network; a Microsoft Azure Database, which works as an Al-powered, automated, and fully managed cloud database for data storage; and Virtual Machine, acting as a computer created within a computer with its own virtual hardware and network interfaces, for web platform hosting.
All data transferred between devices and the Platform’s cloud database will be protected with full encryption, and cyber security will be provided by Microsoft Azure, which creates a highly secure cloud foundation using multilayered, built-in security controls and real-time global cybersecurity intelligence to detect and respond to threats as soon as they arise. Ongoing assessment of ecosystems by the research team’s technical experts will occur, should a more secure provider be identified over the course of the study. Security is an important concern and will be evaluated at each stage within the infrastructure. We will be utilising Azure Security Centre to monitor the security of all Azure assets, and firewall settings will limit access to Windows authenticated users within the Eleven Health infrastructure.
Clevacloud itself functions as our Information Commissioner’s Office (ICO) registered IT partners, in strict compliance with data protection legislation and industry standards. This involves ensuring safety of any data transferred and stored across the aforementioned areas.
Physical security sees our data and disaster recovery sites held within RapidSwitch and Microsoft Azure data centres, both strictly compliant to ISO 27001, ISO 9001 and PCI DSS standards. Manned security and monitoring of these centres occurs on a 24/7/365 basis, with biometric access policies, internal and external CCTV systems, as well as security breach alarms.
Network security follows similarly stringent measures, with access to cloud platforms / resource infrastructure and data strictly controlled through distinct access levels dependent on employee roles – limited to specific parts of cloud platforms, or solely aggregated data – and all access requiring 2 Factor Authentication, complex password protection, and prior authorisation. Furthermore, production databases are not available in any manner outside of the internal environment, preventing direct hacking of databases, and web server access to the cloud platform is accessible only by our developers through secure web panel or SSL (Secure Sockets Layer) encrypted FTPS (File Transfer Protocol Secure) connections. Finally, all internet-facing services are placed within securely segregated DMZ (DeMilitarised Zone) networks that sit between the internal and external network, providing virtual or physical networks isolated from core services by dedicated firewalls with strict access controls – firewalls also utilised for interior network zoning to separate service infrastructure tiers.
Cloud Applications security is provided through firewall clusters enabled with IDS (Intrusion Detection System), server operating systems patched weekly for regular updates, data encrypted using FIPS 140-2 compliant AES256bit encryption, secure communications provided by SSL and TLS (Transport Layer Security), and security credentials encrypted using a one-way hashing model.
8. Data retention
HOW LONG WILL YOU USE MY PERSONAL DATA FOR?
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
We reserve the right to retain anonymised copies of your data for use in ongoing research purposes.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you. Examples of how anonymised data may be used includes expanding the knowledge base for identifying correlations between risks, pathologies, outcomes and optimal treatment pathways. Anonymised data and insights may be used by clinicians, researchers, and other third parties for the improvement of patient care and therapeutic options. Anonymised data will be supported by the use of, and merging with, in-depth multi-source, historic, and live worldwide data.
9. Your legal rights
Our lawful basis for processing your personal data is your consent. Under certain circumstances, you have rights under data protection laws in relation to your personal data. Generally, your rights under data protection laws fall into the following categories:
- Request access to your personal data (commonly known as a “data subject access request”). Please note that there are also various other ways through which you can access your own data (see ‘How my data can be accessed’ in Section 10 below).
- Request correction of the personal data that we hold about you.
- Request erasure of your personal data where there is no good reason for us continuing to process it.
- Object to processing of your personal data where we are relying on a legitimate interest in order to process it.
- Request restriction of processing of your personal data.
- Request the transfer of your personal data to you or to a third party.
- Withdraw consent at any time where we are relying on consent to process your personal data.
Withdrawal of Consent
You have the right to withdraw your consent and require we erase your personal data which we are processing at any time, where at least one of the following grounds applies:
- the processing is no longer necessary in relation to the purposes for which your personal data were collected or otherwise processed;
- our processing of your personal data is based on your consent, you have subsequently withdrawn your consent and there is no other legal ground we can use to process your personal data;
- you object to the processing as set out in the “right to object” section of this policy and we have no overriding legitimate interest for our processing;
- the personal data have been unlawfully processed; and
- the erasure is required for compliance with a law to which we are subject.
10. How my data can be accessed
The means by which your personal identifiable data or aggregated, de-identified data can be accessed are as follows:
- By You – personal identifiable data collected by Eleven Health will be made accessible to you via the accompanying Eleven Health Platform.
- By Your Clinical Team – personal identifiable data collected by Eleven Health will be made accessible to your clinical team via the accompanying Eleven Health clinician web portal. This requires a secure 2FA (Two-Factor Authentication) system in order to enter the web portal, and clinicians will only be able to view the identifiable data of patients registered to them.
- By Other Clinicians or Researchers – de-identified, aggregated data processed by Eleven Health will be made accessible to clinicians and researchers outside of your direct care team via the Eleven Health analytics dashboard. This will be presented only on an anonymised / pseudonymised basis for wider understanding of research questions regarding cohort-level clinical outcomes, care pathways and treatment options.
LAWFUL BASES ON WHICH WE MAY RELY
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Comply with a legal obligation means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.
12. Contact Us
If you have any questions about the processing of your personal data, please contact our Data Protection Officer, Eleven Health at firstname.lastname@example.org.
If you are not happy with how we have processed your personal information, you have the right to make a complaint to the Information Commissioner’s Office. Please see www.ico.org.uk for more information on how to do this.
Additional details about how and why Eleven Health uses some of your data
The Personal Data you consent to share with us may include the types described below. This Annex provides some further detail about how and why certain special category personal data is processed by Eleven Health. Due to the sensitive nature of this data, we are keen for you to have as clear as possible an understanding of what we do with it and why.
General Health Information (Medical Records)
- Details of your diagnosis; to create an understanding of how your disease type links to clinical outcomes and your overall health in order to help you and your clinical team to best manage your condition.
- Healthcare Provider Contact Details; to help you combine and manage aspects of your care within the Eleven Health Platform.
- Medication and Treatment Pathways; to help you and your clinical team track the impacts of your medications on your health at both a historic and real-time level, through additional linkage to your wearable biometric data.
- Medical Appointments and Healthcare Utilisation; to help you and your clinical team better understand the natural history of your disease and what factors might impact your subsequent contacts with, and need for, healthcare.
- Symptoms and Side Effects; to help you and your clinical team see where particular symptoms and side effects have arisen over your care journey, highlighting the causes, potential effective interventions taken in the past, and subsequent outcomes.
- Pathology and Radiology Tests; to help you and your clinical team track your progress throughout your care journey, creating a picture of where your blood tests, scans and other investigations may reflect or predict other key events in your medical history.
- Gender and Ethnicity; to allow healthcare professionals and our partners to better understand how treatment pathways and medications affect different people, prescribing and developing them to be more effective.
Live Health Related Biometrics (Withings ScanWatch)
- Sleep Quality; to help you track your progress over time and for Eleven Health to build the picture of where variations in each component of your sleep may link to other metrics, as well as which factors may impact this.
- Activity Levels; to help you track your progress over time and for Eleven Health to build the picture of where your variations in activity level may link to other metrics, as well as which factors may impact this.
- Heart Rate; to help you track your progress over time and for Eleven Health to build the picture of where your heart rate variations may link to other metrics, as well as which factors may impact this.
- Blood Oxygen Saturation (Sp02); to help you track your progress over time and for Eleven Health to build the picture of where variations in your Sp02 may link to other metrics, as well as which factors may impact this.
- ECG; to help you track your progress over time and for Eleven Health to build the picture of where any instances of atrial fibrillation (irregular heart rhythm) may arise and link to other metrics, as well as which factors may impact this.
Other Health Related Metrics (Eleven Health Platform and 23andMe Genetics Testing Kit)
- Self-Reported Pain and Psychological Wellbeing Scores, EQ-5D Questionnaires and other Quality of Life-related Questionnaires; to help you track your physical and emotional wellbeing over time, linking these to other health metrics in order to better understand the impact of each factor. This will support you in your disease self-management, your clinical team in identifying what the best care options are through their effect on your Pain and Psychological Scores, as well as Eleven Health in predicting where signs of an upcoming event may be on the horizon to alert you and your clinical teams in advance.
- Height and Weight; to help you track your progress throughout your care journey.
- Genomics Output; to help you better understand your genetics and where risk factors may lie. At a de-identified level, this will help clinical teams and researchers to understand which genotypes and variations may link to certain clinical outcomes or responses to treatment.
ANALYTICS AND PREDICTIVE CAPABILITIES OF THE PLATFORM
Upon providing your explicit informed consent for Eleven Health to collect your Health and Medical Data, we process the following information to drive the analytic and predictive capabilities of the Platform and apply it as follows:
- We process the above referenced information and make it available on an:
- individual, identifiable basis to you through the Eleven Health Platform.
- individual, identifiable basis to your hospital team.
- aggregated, identifiable basis to your hospital team.
- We process the information and make it available on an aggregate, anonymised or pseudonymised basis to clinicians outside of your hospital team and to our research partners.
- We only require, store and process the data that you supply that your clinician or hospital require to further your care.
- We deploy a data security infrastructure that ensures only a specific member of Eleven Health has access to your identifiable data in managing the cloud database. No other members of the Eleven Health team or any other third parties will have access to this identifiable data.
This data will be combined to establish associations between key live data metrics and aspects of your medical history, in order to build a better understanding of the disease’s natural history, identify potential triggers of pain crises or severe pathologies such as end organ damage, and elucidate the optimal treatment pathways based upon both deviation from your own baseline biometrics, as well as the outcomes of (de-identified) matched patient profiles.
By understanding your medical history and ongoing care journey, we will be able to predict where your health may show signs of deterioration or an upcoming clinical event, and prompt your clinical team to investigate and provide swift, pre-emptive intervention where appropriate.