top of page

Proud members of the European AI Alliance

Privacy Policy

Effective Date: 15/05/2024

Welcome to myannahealth.com, the digital home of My Anna Health Limited ("we", "us", or "our"). We are committed to protecting the privacy and security of our users' information. This Privacy Policy provides detailed information about how and why we collect, use, store, and protect your personal information.

 

We are the controller and are responsible for your personal information. We are a registered data controller with the UK Information Commissioner’s Office where you can find our details by searching the register using the name “My Anna Health Limited”.

 

We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice including any requests to exercise your legal rights, please contact the DPO using the details in the “Contact Us” section below.

1. Information We Collect

​When you visit myannahealth.com, we collect the following types of personal information:

  • Your Name: We collect your name in order to arrange appointments with medical professionals where you confirm you would like us to make this appointment.

  • Information about your Symptoms: We collect information about your symptoms in order to personalise your experience on our platform and to compare your answers against documented symptoms of various conditions. Any such information retained by us after your use of our platform will be fully anonymised. We will not retain any information about your symptoms after your use of our platform which could constitute personal information.

  • Your Email Address: Your email address is collected to send you updates, news, exclusive offers related to our services, to communicate with you regarding your use of our website and to arrange an appointment with medical professionals.

We collect and, where relevant hold, this information because it is necessary for us to do for the use of our platform or website.

 

We also collect and use what is known as aggregated data for any purpose. Aggregated data may be derived from your personal information however it does not reveal your personal information either directly indirectly. For example, we may se aggregated data to calculate a percentage of the users of the platform using a particular feature, such as arranging a consultation with a medical professional.

 

2. How We Use Your Information​

We will only use and share your information where it is necessary for us to carry out our services and in connection with our lawful activities. So that you can fully understand how your personal information may be used we have detailed the purposes for which your information may be used below. In addition we may still be obliged to disclose the information we hold in accordance with our legal obligations.

2.1 Providing you with our Services

We will need to process your personal information in order to provide you with services of our platform and website. This may include processing your personal information in the following ways:

  • Operating the platform;

  • Comparing your symptoms against documented symptoms of various conditions;

  • Communicating with you via the platform;

  • Arranging an appointment for you with a medical professional;

  • Communicating with you about the service you have received from us.

 

2.2 Complying with Legal Obligations

Where you have provided us with your personal information or where you have used our website or our platform, we may be required to collect and process certain personal information about you. This may include processing your personal information in the following ways:

  • Investigating and resolving complaints;

  • Conducting investigations into potential breaches of policies;

  • Managing regulatory matters;

  • Notifying our insurers in cases of incidents, emergencies, regulatory breaches or any complaints or claims received;

  • Defending any complaints, claims or legal proceedings (at whatever stage);

  • Notifying you of changes to our policies or terms and conditions;

  • Complying with your requests where you have exercised any of your rights;

  • Sharing information with law enforcement agencies and other authorities and regulators where we have a legal obligation to do so;

  • Sharing information with third parties where we have been ordered to do so by a court or it is required by any statutory or legal instrument.

 

2.3 Legitimate Interests of My Anna Health Limited

We may also process your personal information where it is in our legitimate interest to do so. We will do this without prejudicing your fundamental rights and freedoms. This may include processing your personal information in the following ways:

  • Improving your experience of the platform;

  • Informing you about new features or to solicit your feedback on the platform or our website;

  • Informing you about new services provided by us;

  • Analysing trends, usage and activities in connection with our website or the platform;

  • Monitoring and improving our business processes and information solutions to ensure business continuity and continuing information security;

  • Performing financial, regulatory and general accounting and reporting;

  • Performing risk reporting and risk management;

  • Protecting our rights and interests including by notifying our insurers or defending any complaints, claims or legal proceedings.

3. Data Encryption and Security​

We employ robust security measures to protect your personal information. All data is encrypted during collection, storage, and transit to prevent unauthorised access, disclosure, alteration, or destruction of your personal information. We will notify you and any applicable regulator of a breach where we are legally required to do so.

4. UK GDPR Compliance​

As a testament to our commitment to data protection, we adhere to the principles of the UK GDPR (this being Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal information and on the free movement of such data (General Data Protection Regulation) as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018) This means we:

  • Process your personal information in a lawful, fair, and transparent manner;

  • Collect your personal information for specified, explicit, and legitimate purposes;

  • Ensure that the personal information collected is relevant and limited to what is necessary for the purposes for which it is processed;

  • Strive to keep your personal information accurate and up to date;

  • Keep your personal information in a form that permits identification for no longer than necessary;

  • Process your personal information in a manner that ensures appropriate security.

5. Sharing of Your Personal Information

​We do not share your personal information with third parties except:

  • ​Where we have your express permission to do so; or

  • Sharing your personal information is necessary for us to provide you with our services, such as arranging an appointment with a medical professional; or

  • We are legally obligated to share your personal information; or

  • Sharing your personal information falls within our legitimate interests.

 

6. Special Categories of Personal Information

We collect personal information about your health and symptoms. Where have collected this personal information, we will not retain this information once you have finished using our platform save where such personal information is anonymised and you are no longer identifiable from the personal information so collected and retained. Please note that your rights under this privacy policy and UK GDPR do not extend to such anonymised personal information.

 

7. Retaining Your Personal Information

We will not retain your personal information for any longer than it is necessary for the purpose that it was obtained, save that in some circumstances we may retain your personal information for longer where we are required to do so by law or we believe that the information or documents may be relevant to protect, exercise or defend our rights.

 

8. Transferring Your Personal Information Overseas

We will only transfer your information outside of the United Kingdom (or European Union as applicable) area unless doing so is necessary to carry out our contract with you or unless you are based outside of the United Kingdom (or European Union as applicable) area.

 

In the event that we must transfer your personal information outside of the United Kingdom (or European Union as applicable) area we will only do so if one of the following conditions are met:

  • You have provided your express consent; or

  • The relevant country has been deemed to provide adequate level or protection for personal information by the European Commission; or

  • Where we use a service provider, we have entered into a contract on the terms which give personal information the same level of protection as it has in the European Economic Area; or

  • Where we use a service provider based in the US, they are a part of Privacy Shield which requires them to provide a similar level of protection to personal information as it has in the European Economic Area.

 

9. Your Rights

Under UK GDPR you have a number of rights in relation to any personal information about you that we hold or process. If you wish to exercise any of these rights, please contact the DPO using the contact details in the “Contact Us” section. We will respond to you within the time limits imposed by the legislation.

 

9.1 Right of Access

You have the right to access the information that we hold about you. Please contact the DPO if you would like a copy of your personal information.

 

We have a period of one calendar month to provide you with information however if we hold a large amount of data or the request is complex we may request a further two calendar months. In order to reduce processing time and ensure that we can get copies of the information to you as quickly as possible please be as specific as possible. If you require all of the information we hold, please say so.

 

You do not need to pay a fee to gain access to your personal information.

 

9.2 Right of Portability

You have the right to access the information that we hold about you in a portable format. What this means is that the personal information that we hold about you will be provided to you in a format that you can reasonably be expect to be able to access, typically as .pdf file(s) or in paper format.

 

9.3 Right of Rectification

If you have noticed that any information that we hold about you is inaccurate, you have the right to require us to correct the information we hold. Please contact the DPO with the correct information.

 

9.4 Right of Erasure

You have the right to request that we erase the personal information that we hold about you. You should do so if you believe that we are not using your information in a lawful manner or we no longer need to process your information for the purposes for which it was provided or you wish to withdraw your consent to us retaining and processing your personal information. To make this request, please contact the DPO.

 

Please note that we may not be able erase your personal information if:

  • There is an going complaint, claim or legal proceedings; or

  • Retention of your personal information is falls under our legal obligations.

 

9.5 Right of Restriction

You have the right to limit the way we use the information we hold about you. You can request that we stop using the personal information that we hold about you for a particular purpose or purposes. You should do so if you believe that we are not using your information in a lawful manner or we no longer need to process your information for the purposes for which it was provided or the information we hold is inaccurate or you have objected to us using your personal information. To make this request, please contact the DPO.

 

Please note that we may not be able to restrict all the purposes for which you request we stop the use of your personal information if:

  • There is an going complaint, claim or legal proceedings; or

  • Processing of your personal information in the manner that it is being processed is falls under our legal obligations.

.

Please also note that restricting the way in which we use your personal information may mean that we will not be able to provide services to you.

 

9.6 Right of Objection

You have the right to object to us processing your personal information. To make this request, please contact the DPO. Please note that we may not be able to comply with your request fully if:

  • There is an going complaint, claim or legal proceedings; or

  • Processing of your personal information in the manner that it is being processed is falls under our legal obligations; or

  • We can demonstrate another compelling and legitimate ground for processing which should override your interests.

 

Please also note that objecting to the use your personal information may mean that we will not be able to provide services to you.

 

9.7 Right to Objection to Direct Marketing, Right to Opt Out

You have an absolute right to object to us processing your personal information for direct marketing purposes and to opt out of any marketing material being sent to you. To make this request please contact the DPO.

 

9.8 Right to Withdraw Consent

You have the right to withdraw your consent to processing your personal information where we rely on your consent to process your information for a specific purpose or in a particular manner. To make this request please contact the DPO.

 

9.9 Right to Lodge a Complaint

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO) who are the UK supervisory authority for data protection issues. We do however encourage you to contact our DPO in the first instance to resolve any issues.

 

9.10 Changes of Purpose to Processing Your Personal Information

We will only use your personal information for the purposes for which it was collected unless we reasonably consider that that your personal information should be used for another purposes which is compatible with the original purpose.

 

In the event that we need to use your personal information for an unrelated purpose or in such a way that you could not have reasonably anticipate it would have been used, will notify before using your information in this manner and you will have the right to object to its use.

 

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top.

11. Marketing Information

Unless you have told us that you do not want to hear from us in relation to services that we consider are of interest to you or of updates relating to our website or the platform, we will send you relevant marketing information by email.

 

If no longer want us to contact you with marketing information, please contact our DPO with your request and we immediately stop processing your information in this manner.

 

12. Contact Us

For any questions or concerns regarding this Privacy Policy or the handling of your personal information, including any requests to exercise your rights, please contact our DPO, Dr Zahid Khan, at anna@myanna.health

Alternatively, you can write to us at our registered office:

FAO Dr Zahid Khan

My Anna Health Limited

18 Foster Crescent

Silverdale

Newcastle

ST5 6SW

England

 

Your privacy is of utmost importance to us at My Anna Health Limited. We are dedicated to safeguarding your personal information and ensuring a secure and enjoyable experience on our website.

bottom of page