Privacy Policy

We’re Ireland’s medical
assessment and Online Medical Certificate App.

Privacy Policy – GetSickCertificate

1. Overview

Thank you for using GetSickCert platform, an application that connects customers to partner doctors for the purpose of the health practitioner running Ehealth consultations and providing sick certificates if appropriate. We are committed to preserving your privacy in line with EU regulations of the Data Protection Act of 2018. This policy outlines how we use, disclose and store your personal information. This policy will also inform you how to get access to such data. Our responsibilities while managing information in Ireland are governed by this Policy. If you have any issues. Please review this Policy carefully and get in touch if you have any further questions.

2. Agreement

By submitting your personal information, you acknowledge that we may collect, use, store, and disclose it in accordance with this Policy or as otherwise needed or permitted by law. You will be considered to have given us permission to handle your personal information in accordance with this Policy if you continue to use our services. For most cases, we will require the owner’s permission before collecting any personal information about them. Consent is typically given in writing, however it can occasionally be given verbally or implied by someone’s actions. We make every effort to only seek personal information from you when it is necessary for the services you want to avail of.

3. Types of Data We Collect

Personal Data

By using our service, we can ask you for personally identifying information that will allow us to contact or identify you (“Personal Data”). A few examples of personal identifying information are as follows:
  • We need your full name, contact number, and current address.
  • The birth date.
  • Gender.
  • Include any pictures or files, such as medical histories, in your uploads.
  • Your device’s ID, type, and geolocation; device and network information; browser session data; standard web log information; an Internet Protocol (IP) address; page view statistics; acquisition sources; search queries; browsing habits; and data collected via internet cookies.
  • Information from any previous correspondence you may have had with us
With your personal information, we might reach out to you to provide promotional materials, newsletters, and other details that may be of interest to you. By using the unsubscribe link or instructions present in emails we send you or by getting in touch with us, you can remove yourself from getting any or all of these emails from us.

Usage Data

We may also gather the information that your browser transmits whenever you visit our service or access it via a mobile device (“Usage Data”).

Usage Data may include your computer’s Internet Protocol address (e.g., IP address), the current version of your browser, the type of browser you are using, the service pages that you view, the date and time of your visit, the amount of time spent on those pages, unique device identifiers, and other diagnostic data.

This usage data can contain details such as your smartphone’s unique ID, the type of smartphone you use, an IP address, unique device identifiers, details on the operating system, and other diagnostic data when you access our service directly via a smartphone.

Cookies Data

To track and keep track of user activity on our service, we employ cookies as well as other tracking technologies.

Cookies are small data files that might provide an anonymous, unique identity. They are text documents that websites transmit to your browser and store on your computer or device. Scripts, beacons, and tags are other tracking technologies used to collect and track information and to develop and evaluate our service.

You may instruct your browser to inform you whenever a cookie is received or to refuse all cookies. However, you may be unable to use certain aspects of our service if you do not accept cookies.

Cookies that we utilize include:

  •         Session cookies: They are used to operate our service.
  •         Preference cookies: They are used to store your preferences and other settings.
  •         Security cookies: They are used for security considerations.

How is the Data Being Used?

  •         To accomplish the original goal for which the personal data was collected, i.e., deliver and maintain our service.
  •         To update you about modifications to our service.
  •         To provide you with the option, if you so choose, to take part in interactive features of our service.
  •         To provide client service.
  •         To collect analysis or important information to enhance our service.
  •         To keep an eye on how our service is being used.
  •         To identify, avoid, and fix technical issues.
  •         For any other purposes, you grant your permission.

Processing Personal Data on a Legal Basis Under the Compliance of GDPR

If you reside in the European Economic Area (EEA), Getsickcert’s legal basis for processing and collecting the personal information stated in this privacy policy is determined by the data we collect and the precise context in which it is collected.

Getsickcert may process your personal data for the following reasons:

  •         We must make a deal with you.
  •         We have your approval to proceed. The processing does not violate your rights and is appropriate in light of our interests.
  •         To process payments.
  •         To comply with the legislation.

Data Transfer

Your data, including personal information, may be transmitted to and stored on computers located outside of your nation, province, state, or other governmental jurisdiction where data protection rules and regulations differ from those in your country.

If you live outside of the Irish borders and want to provide us with information, please be aware that we will move all the necessary information, including personal data, to Ireland and handle it there.

Your agreement to that transfer is represented by your approval of this privacy policy, followed by your submission of such data.

Getsickcert will take all reasonable measures to guarantee that your data is handled safely and in accordance with this privacy statement. In addition, there will be no transfer of your personal data to a company or a country unless the place is sufficiently safeguarded, including your data privacy and other private details.

Is it being shared with?

Commercial Deal

Your personal information may be transferred if Getsickcert is engaged in a merger, acquisition, or asset sale. However, we will notify you if your personal information is moved and covered by a new privacy regulation.

Law Enforcement Disclosure

Getsickcert may be obliged to reveal your personal data in some circumstances, such as where required by law or in response to lawful demands from governmental authorities (e.g., a court or a government agency).

Legal Obligations

Getsickcert may disclose your personal information if it has a genuine belief that doing so is necessary to:
  • To fulfil a legal responsibility.
  • To preserve and defend Getsickcert’s rights or property
  • To avoid or investigate potential misbehaviour in relation to the service.
  • To ensure the public’s or service users’ personal safety
  • To safeguard against legal responsibility.

Data Security

We care about data security, but beware that no form of electronic data storage or transfer via the Internet is completely safe. While we endeavour to secure your personal data using commercially reasonable techniques, we cannot ensure its ultimate security.

The Rights of Individuals Under the GDPR

  • Rights to delete, access, or update information: Individuals have the right to view, edit, or remove the information we have on file. They can view, amend, or request deletion of their personal data directly inside the account settings area whenever feasible. If you are unable to complete these tasks on your own, please contact us for assistance.
  • Right to rectification: Individuals have the right to have their information corrected if it is incorrect or incomplete.
  • Right to object: Individuals have the right to object to our use of their personal information.
  • Right to withdraw permission: Individuals may also withdraw their permission at any time if Getsickcert relies on it to handle their personal information.
  • Right to Data Portability: Individuals have the right to be provided with a copy of the information we have on file in a structured, machine-readable, frequently used format.
  • Right to Restriction: Individuals have the right to request that the processing of their personal information be restricted.

4.What types of personal information do we gather, and why?

Information gathered with regards to our users:

 

  • Your name, address and phone number.
  • Date of birth.
  • Gender.
  • Any photos or records that you upload, such as a medical record.
  • Your device ID, device type and information, geo-location information, Internet Protocol (IP) address, standard web log information, browser session data, device and network information, statistics on page views, acquisition sources, search queries, browsing patterns and information gathered through internet cookies.
  • Information contained in any communications between you and us.

Why we collect it:

  • To fulfill the original purpose for which the personal data was gathered.
  • To identify and communicate with you
  • To carry out administrative and operational tasks
  • To meet any other legal obligations, including those mandated by Irish Law, court or tribunal law
  • For any other reason for which you give your consent

How we collect it:

  • Use of our services
  • Information provided to us on our platform
  • Creating an account with us
  • Connecting with us or interacting through various social media to share personal information
  • Through third party service providers

Regarding the general public who may not have subscribed to our service but engage with us:

  • Information you have given us in correspondences with you.
  • Information you have supplied in the platform before you submit it to us, such as through cart abandonment.
  • Information about how you access and use our website, such as browser session data, device and network information, page view statistics, acquisition sources, search terms, browsing patterns, and data from internet cookies.
  • To recognize and communicate with you, as well as to carry out administrative and operational tasks.

About contractors or prospective staff members (including health practitioners)

  • Your name, address, and contact information, such as phone number, email addresses aswell as date of birth.
  • Your nationality and the nations in which you are a citizen.
  • Educational details, any qualifications you have received and/or English language test results.
  • Employment details, Resume, Educational Background or work examples.
  • Any licenses issued by pertinent regulatory boards, as well as any other organizations, councils, or authorities.
  • To perform any recruitment functions.
  • To communicate with you
  • To fulfil the terms of a contractual agreement
  • To ensure that duties can be performed
  •  

We may not be able to satisfy your needs if you choose not to provide the necessary information. For instance, if you want to use a pseudonym or remain anonymous, we won’t be able to offer you, our service. Sometimes people send us unsolicited personal information. When we receive unsolicited personal information, unless it is reasonably required for, or directly linked to, our tasks or operations, we will typically discard or de-identify the information as soon as practical if it is legal and reasonable to do so.

5. Confidential data

We may ask you for sensitive information. This includes any health information in any documents you upload, such as information about your symptoms, medical history, or any other health information. If you consent to providing us with this information, we will only use it to provide our services and for you to access our platform. When you enter your health information, you give GetSickCert permission to: (a) collect and handle it in accordance with this Privacy Policy; and (b) share it with the health practitioners who have accepted our terms in order to provide our services to you. If you do not agree to this, you should not provide us with your health information.

6. Disclosing your personal data

The following third parties may receive your personal information: (a) our business or commercial partners; (b) the medical professionals who have agreed to our terms; (c) our professional advisers, dealers, and agents; (d) third parties and contractors who provide services to us, such as customer enquiries and support services, IT service providers, data storage, webhosting and server providers, marketing and advertising organizations and payment processing services.

7. Using your personal data for direct marketing

Your personal information might be used occasionally to get in touch with you for marketing purposes in order to support our further development and growth. By contacting us at info@getsickcert.co.uk or by using the unsubscribe feature provided in each direct marketing message we send, you can choose not to be contacted for marketing purposes. Once we receive a request to opt out from receiving marketing information, we will stop sending such information within a reasonable amount of time.

8. Safety

We take all necessary precautions to safeguard the personal data we have under our control from unauthorized access, modification, and disclosure as well as from misuse, interference, and loss. Your personal information is stored electronically by us in safe databases managed by our outside service providers. We use a number of different layers to protect the personal information we store, including (a) HTTPS encryption for browsing, (b) hashing or storing passwords in non-reversible formats, (c) active error and log monitoring using industry-standard tooling, (d) operating in a secure cloud environment, and (e) relying on TLS security to communicate with the databases. Our servers are hosted with Amazon Web Services and Microsoft Azure and we use the provided security functionality and monitoring to detect and prevent persistent access to rogue services. Server access and deployment are limited to revokable access keys that can only be regenerated on a master account. Access to servers can only be gained by using industry standard encryption keys that are generated and regularly updated, including when employees leave GetSickCert. In order to avoid the disclosure of user information to other parties, user logs redact specific sorts of information, such as passwords, before they are logged.

Databases and servers are only accessible internally to prevent public access, unless it related to whitelisted services or is necessary for monitoring and troubleshooting. While we take reasonable steps to ensure your personal information is protected from loss, misuse and unauthorised access, modification or disclosure, security measures over the internet can never be guaranteed. By protecting the secrecy of any passwords and account information used on our website, you can play a crucial part in keeping your personal information safe.

9. Gaining access to or updating your personal data

Please get in touch with us if you want to view your personal data. In some cases, we may not be able to grant you access to your personal information. In this event, we will notify you in writing and explain why we are unable to do so. We make a conscious effort to keep all the personal information we have on you correct, current, comprehensive, and relevant. Please get in touch with us if you think any of the personal data, we have on you needs to be updated. We will take reasonable steps to make the necessary changes.

10. Destroying or removing personally identifiable information

Unless we are otherwise required or permitted by law to store the information, we erase or de-identify personal and sensitive information when we no longer need it.

11. Making a complaint

Please get in touch with us if you feel your privacy has been violated or if you have a concern about how we handled your personal information. We take complaints about privacy seriously. We will acknowledge any complaints you may have within five days of receiving them. Within 30 days, we’ll endeavour to resolve your complaint. If we can’t do this in a timely manner, we will let you know within that timeframe how long it will take us to address your complaint. As soon as it’s practical, we will investigate your complaint and write to you to let you know what we have determined.

12. Changes

We might occasionally change this Policy. Any modifications to this Policy will be communicated to you in advance, and they take effect as soon as they are posted on our website. You will be deemed to have accepted any changes if you keep using the services after they have been made.

13. Contact us

All questions or queries about this policy and complaints should be directed to: support officer email: support@getsickcert.co.uk this policy was last updated in September 22.