Privacy Policy

Introduction

Welcome to Entia Ltd’s privacy policy. This privacy policy explains what Personal Information Entia Ltd (referred to as “Entia”, “we”, “us” or “our”) collects from you through our products (“Liberty Service”, “Liberty Patient Support Service”, ”Liberty Analyser”, “support” or “device”) , and how that information is collected, stored and used.

Principles Relating to Processing of Personal Information

Entia Ltd is committed to protecting and respecting patient privacy and will only use personal information in ways explicitly agreed to as a part of this data agreement in accordance with the UK Data Protection Act of 2018 and UK GDPR.

The Data Protection Principles described in UK GDPR Article 5 dictate that personal data shall be:

1. Processed legally, fairly, and transparently;

2. Collected for specific, explicit purposes and not used incompatibly with those purposes;

3. Collected only when necessary for the specified purposes;

4. Kept accurate and up-to-date, with inaccurate data rectified or erased promptly;

5. Retained only as long as necessary for its intended purposes; and

6. Processed securely to prevent unauthorised access, loss, or damage. We are required to implement suitable technical and organisational safeguards to comply with these obligations and to periodically assess and update these measures as needed.

The Personal Information We Collect

Entia is the “data controller” of all personal information that we collect or is provided to us by a third party and used, and, therefore, is responsible for your personal information. Entia Ltd. gathers personal information to provide an efficient service to our users, and operate effectively as a business. If you decline to provide the personal information required, you will not be able to use our service.

Personal Information

We will collect and process the personal information that you give to us by phone, email or otherwise, and personal information that your healthcare provider gives to us on your behalf. It includes the information you provide when registering for our service, engaging with the Liberty Patient Support Service, and providing feedback via survey or phone. The data produced by the Liberty Analyser are also included. All personal information is kept private and will not be shared without prior consent.

When you are asked to provide consent, Entia will explain to you what personal information we will be sharing, with whom and for what purpose. Consent and explicit consent for sharing of personal information will be asked for separately to this privacy policy. Personal information means any information relating to you which allows us to identify you. It does not include information where the identity has been removed (anonymous data). The personal information we may collect from you is listed below, with the purpose of it’s collection written next to each:

● Your first and last name; to create your profile and arrange device delivery and returns

● Your date of birth; to create your profile and ensure you receive appropriate care

● Your unique identifiers (NHS Number and Hospital Number); to create your profile and to allow your healthcare provider to match it to your electronic health record

● Your sex at birth; to create your profile and to ensure you receive appropriate care

● Your address (address line, city and postcode); to create your profile and arrange device delivery and returns

● Your contact details (primary contact number, secondary contact number, contact preference, email); to create your profile, and to reference for support communications

Part of the above information is required to complete your registration with our service. If you decline to provide us with this information we will not be able to register you.

For patient users we may collect sensitive personal information about your health. This includes the following types of information:

1) Your oncologist’s name; to ensure you receive appropriate care

2) Images of your blood sample taken by the Liberty Analyser required to produce a result; to produce a full blood count measurement and help improve our products

3) Your full blood count measurement results from the Liberty Analyser; to ensure you receive appropriate care and help improve our products

4) The date full blood count measurements were performed by the Liberty Analyser; to ensure you receive appropriate care and help improve our products

5) General information about your cancer type; to facilitate health care professionals with establishing your care pathway, and ensure you receive the appropriate care

6) General information about your cancer treatment; to facilitate health care professionals with establishing your care pathway, and ensure you receive the appropriate care

Please note that you may withdraw your consent at any time by contacting the Liberty Service Team at support@entia.co or +44 191 743 7348, but that withdrawing consent will require ending your enrolment with the Liberty Service and returning the Liberty Analyser to Entia. We will notify you if this is the case at the time.

Liberty Analyser Usage Data

For all users of the Liberty Analyser, we store information about how you interact with the product. This includes, but is not limited to, the following information:

● Date, time and type of errors; to provide appropriate support and resolve technical challenges and improve our products

● Date and time of cancelled measurements; to provide appropriate support and resolve technical challenges and improve our products

How Entia Uses Your Personal Information

To Provide and Improve our Products & Services

Your personal information may be used to:

● Administer your account

● Provide the products and services that constitute the Liberty Service

● Improve the support aspect of services that constitute the Liberty Service

● Contact you to understand how you are finding the Liberty Service

Your sensitive personal information may be used to:

● Administer your account

● Provide the products and services that constitute the Liberty Service

● Allow designated clinicians or healthcare professionals to review your measurement results, thereby facilitating the provision of care

Your de-identified data (data which has had your personal information removed from it so as not to be traceable to you, without the use of additional information. We have technical and organisational measures in place to prevent this) may be used:

● To facilitate product development and improvements

● In the publication of Real World Evidence studies.

We will only process your personal information where we have a legal basis to do so. The legal basis will depend on the reasons we have collected and need to use your personal information for.

To Share with Third Parties

We may also share your personal information with the following third parties for the purpose described in this Privacy Policy:

● Government authorities, law enforcement bodies and regulators for compliance with legal requirements.

● Trusted service providers we are using to run our business and the Liberty Service such as courier services to arrange delivery and returns, manufacturers to allocate patients to their devices, and cloud and email service providers.

● Legal and other professional advisers, law courts and law enforcement bodies in all countries we operate, in order to enforce our legal rights in relation to our contract with you.

● Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal information in the same way as set out in this privacy policy.

We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.

To Protect Your Vital Interests

In addition to the specific disclosures of Personal Information set out in this section, we may also process your personal information to protect your vital interests (e.g. in case of a medical emergency)

Length of Time that Your Personal Information is Stored

We will not retain your information for longer than is necessary to fulfil the purpose it is being processed for. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal information, the purposes for which we process it and whether we can achieve those purposes through other means.

We must also consider periods for which we might need to retain personal information in order to meet our legal obligations or to deal with complaints, queries and to protect our legal rights in the event of a claim being made.

When we no longer need your personal information, we will securely delete or destroy it. We will also consider if and how we can minimise over time the personal information that we use, and if we can anonymise your personal information so that it can no longer be associated with you or identify you, in which case we may use that information without further notice to you.

We aim to store your information for no longer than ~6 months after you finish using the Liberty service. All efforts will be made to do this in a shorter period of time and some information may be removed quicker than others.

How Your Information is Stored

We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

We follow strict security procedures in the storage and disclosure of your personal information, and to protect it against accidental loss, destruction or damage. The information you provide to us is protected using SSL (Secure Socket Layer) technology. SSL is the industry standard method of encrypting personal information so that they can be securely transferred over the internet. We also use industry standard at rest encryption for sensitive personal information.

We may disclose your information to trusted third parties for the purposes set out in this privacy policy. We require all third parties to have appropriate technical and operational security measures in place to protect your personal information, in line with UK and EU law on data protection rules.

Your Data Protection Rights

A summary of your rights under data protection law is provided below. For a more comprehensive understanding, we advise reading the full legal texts from the regulatory authorities.

Your principle rights

● Request information under data protection

● Request access to your personal information

● Request correction of the personal information

● Request erasure of your personal information

● Object to processing of your personal information law

● Object to automated decision-making including profiling include

● Request the restriction of processing of your personal information

● Request transfer of your personal information

● Withdraw consent

You are not required to pay any charge for exercising your rights. If you want to exercise any of these rights or if you have any queries, then please contact us at:

data-protection@entia.co

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is an appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

How to Complain

If you have any concerns about our use of your personal information, you can make a complaint to us at:

data-protection@entia.co

You can also complain to the ICO if you are unhappy with how we have used your information at:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk

Changes to Privacy Policy

Our privacy policy may change from time to time and any changes to the statement will be communicated to you by way of an email if we have contact details for you.