General Data Protection Regulation
GDPR (General Data Protection Regulation) has been introduced across the EU to help to protect your personal information. We know this is important to you and it is important to Ryalto.
Our privacy statement (see below) tells you how we protect your personal information, including:
- Your rights relating to the information we hold about you
- How we keep your personal information safe
- The types of personal information we collect and use
- The legal basis we rely on to use your information
There are no changes to the way in which people sign up to our app and we won’t be asking you for any further information as a result of GDPR. If you do have any questions about the General Data Protection Regulation then please do get in touch by emailing us at firstname.lastname@example.org.
Cultura Systems Limited (“Ryalto”, “us”, “our” or “we”) is committed to protecting and respecting your privacy.
For the purposes of the Data Protection Act 1998, the data controller is Ryalto Ltd of 12 New Fetter Lane, London, United Kingdom, EC4A 1JP. A ‘data controller’ is the company who is responsible for, and controls the processing of, your personal data.
What personal information do we collect from users?
You will be asked to provide your consent before we collect and process certain personal data and you can withdraw your consent to this at any time by contacting us at email@example.com.
Please note that if you withdraw your consent, the functionality of the App and the App Services may not available to you.
We may collect, process, and/or share the following data about you:
- Registration information, including various personal data which you choose to provide when you register with us (such as your name, email address, mobile phone number and photo).
- Professional information, including, if you are a Professional, information and/or personal data relating to your qualifications, qualification reference numbers (for example, your GMC (General Medical Council) number), credentials and employment when you populate your User Profile on the App.
- Location information via the App which includes geolocation and location presence awareness technology and functionality which require access to your location data when you are using the App.
- Log information, information relating to your use of the App and Users that you have contacted in server logs including time stamps. We may also create a unique device ID and unique user ID as part of the authentication process for your use of the App.
The following additional information may also be collected, processed, and/or shared:
- if you contact us or members of our corporate group entity, for example if you report a problem with the App, we may keep a record of that correspondence. In such circumstances, we may monitor and record such communications with you; and
- Information you voluntarily provide to us in response to any surveys, competitions or promotions.
When do we collect information?
We collect personal information from you when you register an Account, create a User Profile and enter information on to the App. We also collect your personal information when correspond with us by phone, email or otherwise.
If you are a Professional, we may also collect personal data provided to us by a Client (for example, your employer).
How do we use your information?
We may use your personal data for the following purposes:
- to provide the App Services to you and to enable you to create a User Profile;
- if you are a Professional, to check your details against third party databases and information sources (including the relevant Client database and professional qualification databases such as the General Medical Council (GMC) register and the Nursing and Midwifery Council (NMC) register);
- to notify you about changes to the App Services;
- to ensure that content on the App is presented in the most effective manner for you and for your device;
- to provide customer services, including to respond to your enquiries and fulfil any of your requests for information;
- to send you important information regarding the App and/or other technical notices, updates, security alerts, and support and administrative messages;
- to send you marketing or promotional information about our services or products, and occasionally third party products and services, that may be of particular interest to you. However, as detailed further in the ‘Your rights’ section below, you can instruct us not to send you such information at any time by emailing us at firstname.lastname@example.org;
- to enable other Users to contact you, for example via in-app messaging, email, or other forms of electronic communication;
- for our business purposes, such as data analysis, audits, developing new services, operating and improving the App, identifying usage trends and determining effectiveness of communications;
- to personalise User experience and to allow us to deliver the type of content and service offerings in which you are most interested and to your geographic location;
- to improve our App in order to better serve you;
- as part of our efforts to keep our app safe and secure; and
- as we believe to be necessary or appropriate:
- under applicable law, including laws outside your country of residence;
- to comply with legal process;
- to respond to requests from law enforcement and other government authorities including public and government authorities outside your country of residence;
- to protect our rights, privacy, property or safety, and/or that of our affiliates, you or others;
- to allow us to pursue available remedies or limit the damages that we may sustain; and
Where do we store your personal data?
The personal data that we collect from Users based in the European Economic Area is (EEA) is stored in Frankfurt, Germany. For all other Users, your personal data may be stored in Frankfurt, Germany or in a country outside of the EEA.
However, your personal data may also be transferred to another country, including a destination outside the EEA, for example the US where the laws on processing personal data may be less stringent than in your country. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. These staff may be engaged in the fulfilment of providing the services through the App.
Your personal data will not appear on the App after you have terminated your Account. However, we will not delete this data from our internal databases until 6 years after you have terminated your use of the App Services as contractual claims may be raised within this period.
How do we store and protect your personal data?
We take all steps reasonably necessary to ensure that your personal data is treated securely. In particular:
- all information you provide to us is stored on secure servers (including within the ‘cloud’);
- any information you provide to us via the App will be sent over an encrypted connection or other secure networks; and
- regular Malware scanning.
You should be aware, however, that the transmission of information via the internet is not completely secure.
Do we disclose your personal data to third parties?
To provide the App Services, your User Profile details will be accessible to other Users. By registering for the App Services, you agree that your User Profile may be displayed to other Users and confirm that you consent to those other Users contacting you via the App.
In order to fulfill the purposes set out above, we may disclose your personal data to any member of our corporate group, as well as any of our strategic business partners or third-party agents, contractors or service providers under contract who provide business operations support.
Finally, we may also disclose your personal data to the following additional third parties:
- in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
- if Ryalto Ltd or substantially all of its assets are acquired by a third party, in which case personal data held by it about its users will be one of the transferred assets;
- if you have otherwise provided your consent to such disclosure.
Information about other individuals
- give consent on the individual’s behalf to the processing of their personal data;
- receive on the individual’s behalf any data protection notices; and
- give consent to the transfer of the individual’s personal data abroad.
To the extent that you upload the personal data of any third party to the App, you warrant that you have obtained all necessary consents from such employees and contractors to allow us to collect, use, store and share their personal data.
Do we use ‘cookies?’
We strive to keep your personal data accurate, and where necessary, up to date. If, at any time, you discover that information held about you is incorrect, you have the right to require us to correct any inaccuracies in your data free of charge.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise this right at any time by contacting us.
You have the right to access information held about you under the Data Protection Act 1998. Your right to access can be exercised in accordance with the Act and we will give you access to the information held about you within 30 days.
Updated August 1st 2018