MEDIZZY PRIVACY & DATA PROTECTION RULES
I. Collection of personal data
-
We, that is MEDizzy Ltd., Company number 10143587, are the data controller responsible for
your personal data collected via the Application or Site (the
“Controller”). You can contact us by e-mail
contact@medizzy.com or by post to the following
address: Craven House, Ground Floor, 40-44, Uxbridge Road, London, United Kingdom, W5 2BS.
-
As the Controller, we have appointed the Data Protection Officer (“DPO”). You can contact the DPO by e-mail
sent to the following address: dpo@medizzy.com or by
post to the following address: Craven House, Ground Floor, 40-44, Uxbridge Road, London, United Kingdom, W5
2BS with a note “DPO”.
-
We obtain your personal data mostly directly form you. Your personal data may also be provided to us by
third parties at your request. This applies to the situation in which you want to register in our site
(medizzy.com, the “Site”) or use our MEDizzy mobile application (the “Application”) using the social media
functionality or services of our associated partners (hereinafter referred to as “Associates”) such as:
-
For the purpose of this document, we will refer to you as the “User”, even if you are not the member of our
society yet.
II. Scope of processed personal data
-
For the purpose of providing you with the opportunity to register on the Site or in the
Application and the opportunity to subscribe to our newsletter, if we decide to provide
that functionality, first of all we process the following personal data:
- your e-mail address;
- your name;
- information on your educational/professional status.
-
Apart from data as specified directly above, depending on which functionalities of the
Site/Application you use (as soon as we decide to provide them) we may collect different
kinds of information from or about you. Some of them, in some circumstances, may be your personal data, as
“personal data” means any information relating to an identified or identifiable natural person. For example:
-
things you do and information you provide. You provide us those information when you use our
Site/Application. This can include information such as your location, habits (types of
content you view or engage with or the frequency and duration of your activities), occupation, place of
work, university you attend to; information other people provide about you;
- your connections, groups you participate in, networks;
-
financial information related to transaction you make via our Site/Application. This
may include your credit or debit card number and other card information, account number, authentication
information;
- billing, shipping and contact details, if you use functionality related to sales;
-
information from or about the computers, phones, or other devices where you install
Application or access our Site, which may include your location,
telecommunication operator you are using, phone number or IP address;
-
information from third-party partners. We receive information about you and your activities on and off
our Site/Application from third-party partners, such as information from Associates, an
advertiser or a sponsor about your experiences or interactions with them;
- history of your communication with us;
- consents you have given in relation with the Site/Application.
-
Submitting of personal data by the User for the purpose of registration is voluntary. It is, however,
necessary in order for the User to make use of the full range of services and functionalities of the
Site/Application.
III. Use of personal data
-
We process your personal data to ensure the functionality of our Application/Site in accordance with
MEDizzy Terms and Conditions and in accordance with the
MEDizzy Newsletter Rules (once we decide to provide that). This includes, in particular, providing you with
the opportunity to register on the Site or in the Application and the
opportunity to subscribe to our newsletter.
-
We use your personal data (whenever is possible, subject to choices you make using functionalities in
Setting section) to provide and support the products, services and functionalities as described in the
MEDizzy Terms and Conditions, in particular:
-
we personalize features and content of the Site/Application to:
- make suggestions for you on
- topics, content, groups or events we think you may be interested in,
- develop, test and improve our Site/Application
-
select and personalize offers, ads or other sponsored content to show you, according to your
preferences,
-
send you marketing communication, in particular to promote our services, including additional and
sometimes paid functionalities;
-
if you express your separate consent to receiving the Newsletter or commercial communication by e-mail,
we will use your e-mail address to send you such communicates;
-
we send you other kind of communications related to
MEDizzy Terms and Conditions. Consequently, we also use
the information on you to be responsive toward you when you decide to contact us;
-
we use the information we have to help our advertisers, sponsors, partners, Associates to measure the
effectiveness and distribution of their content, ads and services in order to understand their most
accurate recipients and their needs. We also use those information in analytical purposes of that kind
in our own interest;
-
we use the information we have to verify accounts and activity on the
Site/Application in order to detect, prevent, combat any harmful conduct, such as
spamming, intellectual property infringements or discriminatory, intimidating or other harmful
behaviours, which mostly includes violations of MEDizzy Terms and Conditions.
-
As we want to be able to present you offers and content tailored to your interests, we carry out profiling
activities. Please be noted, that in no case this will affect your rights or freedoms, nor will it affect
you in any other way. There is no automated decision-making involved.
IV. Legal basis for personal data processing
- Depending on the purpose, we process your personal data on a different legal basis.
-
In order to perform our contract with you (that is to enable you to use the
Site/Application according to
MEDizzy Terms and Conditions), we process your data as
necessary. You do not need to consent to that specifically, but without that you wouldn’t be able to use the
Site/Application.
-
The other legal bases we sometimes rely on while processing your data are:
-
your consent:
-
for processing data of special categories (such as your religious and philosophical beliefs,
political opinions, your health, ethnic origin, sex life or sexual orientation), if you decide to
present those data, so that we could share those information with the members of MEDizzy society and
personalise your content,
-
for using data that our advertisers, sponsors, partners, Associates provide us about your activity
of our Site/Application, so we can personalise the content we show you on the
Site
or within the Application,
-
for collecting information you allow us to receive through the device-based settings you enable
(such as access to your GPS location, camera or photos), so we can provide the functionalities or
services described when you enable the settings,
-
for the purpose of sharing your personal data allowing to identify and contact you (such as your
name or email address) with sponsors and advertisers, if you decide that we should share those, so
that they can contact you directly and present you with information you are interested in,
-
data about your use of the Site, which we get through the so-called cookie files;
-
our legitimate interests or the legitimate interests of a third party, where not outweighed by your
interests or fundamental rights and freedoms, which is:
-
providing measurement, analytics, and other business services where we are processing data as a
Controller. The legitimate interests we or the third parties have here is providing accurate and
reliable reporting to our partners, advertisers, developers, sponsors, Associates that allows us and
them to get to recognize your needs in order to improve our and their businesses, especially
evaluate the effectiveness of the online content and advertising,
-
providing marketing communications to you, including newsletter. The legitimate interests we have
here is to promote our Application, Site or other services,
-
appropriate responding to law enforcement practices and legal requests. The legitimate interests we
have here is to detect, prevent, combat any harmful conduct or fraud and to protect ourselves, our
Users and others,
-
for people under the age of majority (under 18, in most EU countries) who have a limited ability to
enter into an enforceable contract,we may be unable to process personal data on the grounds of
contractual necessity. Nevertheless, when such a person uses our Site/Application,
it is in our legitimate interests to provide, personalize, and improve our
Site/Application and to provide non-marketing communications with them. The
legitimate interests we rely on for this kind of processing are:
-
to create, provide, support and maintain innovative products and features that enable people
under the age of majority to benefit from the exchange of professional information and being a
part of a professional society we are gathering around our Site and
Application,
-
to secure our Site and Application, verify accounts and activity in order to
detect, prevent, combat any harmful conduct, such as spamming, intellectual property
infringements or discriminatory, intimidating or other harmful behaviours, which mostly includes
violations of MEDizzy Terms and Conditions and –
the least but not last – to protect the safety of people under the age of majority, who are
especially vulnerable users of Internet;
-
compliance with a legal obligation – we are obliged to process your data when the law requires
it, including, for example, if there is a valid legal request for certain data;
-
protection of your vital interests or those of another person – that includes all the cases when
protection of your life or physical integrity or that of others is required, and we rely on it
to combat harmful conduct related to our Site/Application.
V. Time limitations for processing of personal data
- The period for which we process your personal data depends on the purpose of processing.
-
Personal data collected for the purpose of and related to registration on our Site or in
Application or subscribing to the newsletter are being processed for the period you are
registered/subscribed – until you unregister/unsubscribe. After this period, your data will be processed for
purposes related to the accountability of our activities, for which we are obliged by the mandatory
provisions of law, including in particular tax and accounting regulations, regulations on the protection of
personal data and the period of , which differs depending on a kind of claim (for example resulting from a
simple contract, deed, tort, fraud, defamation and so on).
VI. Recipients of personal data
-
We transfer your personal data only when it is necessary to perform the services that you order by using
functionalities of the Site/Application. We do not sell your data, we do not make your data
commercially available to third parties.
-
We may pass your personal data to our partners of the following kind:
-
companies that provide us with the delivery and maintenance of hosting, database software, through which
we can run our service, newsletter etc.;
-
marketing agencies or other entities of that kind providing measurement, analytics, and other business
services that help us understand what our Users are interested in, create interesting content, offers,
functionalities and help us in ongoing communication with our Users;
-
entities supporting us in the provision of electronic services, i.e. those that provide payment
services;
- entities that perform consulting or auditing services.
-
We may also pass on your personal data to public authorities fighting against fraud and abuse.
-
For each of these purposes as mentioned directly above, we only provide data that is necessary to achieve
it. Wherever and whenever possible we use tools of pseudonymisation or other activities that make it
impossible for our partners and subcontractors to identify you, while we have your data all the time and you
are not anonymous for us.
VII. Your rights related to personal data processing
-
When we process data you provide to us based on your consent, you have the right to withdraw it at any time.
Please be noted, that the withdrawal will be valid and effective for future only.
-
You may exercise your right to withdraw the consent by sending an e-mail to
contact@medizzy.com by post to the following
address: Craven House, Ground Floor, 40-44, Uxbridge Road, London, United Kingdom, W5 2BS, with the note
“Personal Data”.
-
Expressing consent for our newsletter functionality or any other commercial communication is voluntary and
we do not make the use of the Site/Application conditional upon its expression by you. With
this kind of communication you can unsubscribe at any time by sending a request to
unsubscribe@medizzy.com or by using a special
tab on the Site www.medizzy.com/unsubscribe or “Unsubscribe” button within the Application.
-
Remember that once you withdraw your consent, it may take some time before the motion is accepted and all
databases are synchronized. We will make every effort to ensure that these activities take place without
unnecessary delay, but in no case it will last longer than one month.
-
Remember that the withdrawal of consent does not affect the lawfulness of the processing that was made on
the basis of consent before its withdrawal.
-
Please, be also aware, that your personal data in the scope covered by the revoked consent, i.e. in the
scope of the purpose for which it was requested, will cease to be processed for this purpose only. Your
personal data subjected to consent may be still processed in order to fulfill our obligations under the law,
including, in particular, the obligation to account for the correctness of personal data processing, or for
the purposes justified by our legitimate interest.
-
The personal data protection law gives you a number of other rights that you can use at any time. Unless you
abuse these rights (eg. unreasonable daily requests for information), using them will be free of charge for
you and should be easy to implement.
-
Apart from the right to withdraw your consent, as mentioned above, your rights include:
-
the right to access your personal data.
This right means that you can ask us to export from our
databases the information we have about you and send it to you in one of the commonly used formats (eg
XLSX, DOCX, etc.);
-
the right to correct personal data.
If you find out that your personal data we process is
incorrect, you may ask us to correct it and we will be obliged to do so. In this case, we have the right
to ask you for a document or proof of the change;
-
the right to seek restriction of personal data processing.
If, despite the fact that we adhere to
the adequacy principle, that is we process only data that is necessary to achieve a given processing
goal, you consider that for a specific purpose we process too wide catalogue of your personal data, you
have the right to request that we restrict (limit) the scope of processing. If the request does not
oppose the requirements imposed on us by applicable law, or it is not necessary for the performance of
the contract, we will accept your request;
-
the right to request erasure of personal data.
This right, also known as the right to be
forgotten, means that you can demand that we remove any information that contains your personal
information from our systems and any other records. Remember however, that we will not be able to do so
if we are obliged to process your data under provisions of law (for example transaction documents for
tax purposes, obligation to ensure the accountability of our activities). In each case, however, we will
remove your personal data to the fullest extent possible, and where it is not possible we will ensure
their pseudonymisation (which means that the data subjected cannot be identified without a corresponding
key). Allowing this, your data we need to keep in line with applicable law, will be available only to a
very limited group of people in our organization;
-
the right to personal data portability.
In accordance with the General Data Protection Regulation,
you can ask us to port the data you provided to us in the course of all our contacts and all cooperation
to a separate file, for the purpose of further transfer to another data controller;
-
the right to object to personal data processing.
You submit the right to object when you do not
want us to process your personal data for a specific purpose (for example for marketing purposes). In
evaluating an objection, we’ll evaluate several factors, including: reasonable user expectations; the
benefits and risks to you and third parties; and other available means to achieve the same purpose that
may be less invasive and do not require disproportional effort; if you are under the age of majority in
your country and have a limited ability to enter an enforceable contract, we will take particular
account of the fact that you are below the age of majority and adjust our assessment of our legitimate
interests and the balancing of your interests and rights accordingly. Should your objection be deemed
justified, we will continue to process your data for other processes (for other purposes), but not for
the purpose for which you objected. In any case, your objection will be upheld and we will cease
processing your information, unless the processing is based on compelling legitimate grounds or is
needed for legal reasons.
-
You may exercise all of your rights by sending an e-mail to
contact@medizzy.com or by post to the following
address: Craven House, Ground Floor, 40-44, Uxbridge Road, London, United Kingdom, W5 2BS, with the note
“Personal Data”.
VIII. Right to lodge a complaint with a supervisory authority
-
We wish to inform you separately, that you have the right to lodge a complaint with a supervisory authority,
in particular in the Member State of EU of your place of living, place of work or place of the alleged
infringement if you feel that the processing of your personal data infringes the GDPR regulation.
-
An individual authority is established by each of the EU Member State to supervise the compliance with GDPR.
For the UK the Information Commissioner’s Office (ICO) will be the Supervisory Authority.
-
You can contact the ICO via e-mail (casework@ico.org.uk) or post (Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, UK).
For more information see https://ico.org.uk.
IX. Copyrights
The Application contains redirections (links) to other websites with a brief description,
published by its users. The contents of these pages may be subject to copyright of their respective authors
and are protected in accordance therewith. The MEDizzy team responds in an ongoing manner to reports regarding
the violations of the rights of third parties by users of the application, taking appropriate steps and
measures to remove or disable access to content published in violation of third party rights.
X. Legal disclaimer and liability
All contents contained in the Application are made available free of charge. The users as
well as the MEDizzy Team bear no responsibility for any damages resulting from the use of said content. The
publisher of the MEDizzy application reserves the right to remove or edit entries and to block users who
violate the MEDizzy terms and conditions.
XI. Limitation of liability
The publisher of the Application does not bear any liability for the content and opinions
expressed by users in the comments or descriptions, including the correctness of the information posted by the
users. The contents of the application are meant for informational purposes only and may not constitute the
basis for a diagnosis or for taking up treatment. The publisher of the Application bears no
responsibility for medical decisions made on the basis of the content of the Application.
XII. Collection of personal data
Registration in the Application requires at least an e-mail address of the user to be
provided. The publisher of the MEDizzy application processes personal data in accordance with applicable laws
and regulations. E-mail addresses are in particular being used to notify users about technical issues and
relevant changes to the service. Detailed information regarding the principles of the processing of personal
data by MEDizzy LTD can be found in the Terms and Conditions of the Application.
XIII. Cookies
Cookies are small text files used to store certain information on your computer. Cookies are not harmful to
you or your computer and data, and we thus recommend to not disable their use in browsers. To log onto the
Application the use of cookies is required. The use of cookies allows us to improve the
quality of our services and increase the satisfaction of our users by storing their preferences and tracking
trends and ways to navigate the Application.