getUbetter® privicy policy
Updated May 2018

PLEASE READ THIS POLICY CAREFULLY BEFORE USING getUBetter SERVICES
You must be 18 years or older to use our Services.

Protecting your data, privacy and personal information is very important to getUBetter (“us”, “our” or “we”). It is vitally important to us that our customers feel secure when using the “Services”. We encourage you to take the time to review our revised privacy policy and terms of use.

Summary

By continuing to use or accepting the terms and conditions during the registration process of the “App” or “Webapp” on or after May 25 2018, you are opting-in to us processing data and information in accordance with this updated privacy policy. This will allow us to provide you with access to our “App” and “Webapp”. We will ask you to “opt-in” to other elements of our Service such as receiving communication emails from getUBetter or before any introduction to getUBetter treatmentZONE partners/services that you may select.

Processing of sensitive personal data

The nature of the getUBetter app means that we need to be able to process sensitive data about your symptoms and health concerns. In order to use getUBetter, you will need to consent to the continued processing of this data. We take your privacy very seriously and have strict access controls for both personal and sensitive personal data and will never disclose this data to a third party without your explicit consent.

This policy (together with our terms of use at getUBetter and any other documents referred to in it), sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by getUBetter. Please read this privacy policy carefully to understand the types of information we collect from you, how we use that information, the circumstances under which we will share it with third parties, and your rights in relation to the personal data you provide to us.

When visiting our getUBetter website at getUBetter.com (our “Website”) or using our application: “getUBetter-lower back pain” (our “Apps”) or using our “Webapp” or any of the services offered (the “Services”), you will be asked to indicate your acknowledgment of, and where applicable your consent to, the practices described in this policy.

Our “Apps” and “WebApp” contains information provided by third parties (our treatmentZONE will show you your local health services or treatment options e.g. GP, Healthcare providers, support services both in and out of the NHS). You can choose for us to introduce you to any of these services. We can connect you but please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal information. Please check their policies.

We may collect and process the following data about you:
  • Information that you provide to us.
  • You will be asked to provide us with your information when you:
    • email us or otherwise;
    • register to use our Services;
    • use the Services;
    • report a problem with our Services; or
    • complete any questions in the “App" or “WebApp" relating to your recovery (although you do not have to complete these if you do not want to).

The information you will be asked to provide to us for registration purposes will include: your name, gender, date of birth, email address, phone number, postcode, your GP details (optional) and symptoms you are experiencing.

Information we collect about you with regard to each of your visits to our “Apps” or “Webapp”.

We may automatically collect the following information; however, this information cannot be used to identify you. We collect personal data from and about you when:
  • you provide it to us, log into, or use your account; fill out forms; make use of services (e.g. when you request to book services through the Treatment Zone)
  • the nature of your injury, your recovery progress and yes/no responses to other screening questions.
  • you record your rating of your recovery from your injury.
  • you complete questionnaires within our services.

Some of the other uses of that might not be so obvious are using it to:
  • remember you so that you don't have to re-enter your details each time you log in.
  • provide, test, improve and update our services, and to monitor its performance and effectiveness.
  • develop and test new products, services and features.
  • create electronic versions of documents for you to provide to your practitioner.
  • improve user experience and the quality of the content available.
  • help us identify and fix defects or errors in our systems.
  • where you've consented, send you information about products or services that we provide that may be of interest to you (you will be asked to opt-in to this part of our Service).
  • create anonymous, aggregated reports that we may provide or sell to third parties (e.g. for statistics, ratings, analysis and reviews). Your feedback and use of our services helps improve recovery for you, others and future generations.
  • give you reminders, emails or alerts (you will have to opt-in to this)
  • to detect fraud.

We also collect anonymised aggregated data about how you use our services. This may include: technical information about the device you use (e.g. your device type, network, operating system and mobile browser); and how you use and interact with it (e.g. page views, journeys through it etc.).- specific information, such as your hardware model, operating system version, unique device identifiers, and mobile network information;

  • We do not receive information from other sources.

How we use your information and justification of use.

Use of personal information under EU data protection laws must be justified under one of a number of legal “grounds” and we are required to set out the ground in respect of each use of your personal data in this policy. These are the principal grounds that justify our use of your information:
  • Consent: where you have consented to our use of your information (you are providing explicit, informed, freely given consent, in relation to any such use and may withdraw your consent in the circumstance detailed below by notifying us);
  • Contract performance: where your information is necessary to enter into or perform our contract with you;
  • Legal obligation: where we need to use your information to comply with our legal obligations;
  • Legitimate interests: where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights; and
  • Legal claims: where your information if necessary for us to defend, prosecute or make a claim against you or a third party.

We use information held about you in the following ways:

Types of information we collect
  • Email address, name, date of birth, gender, postcode GP name and contact detail (optional)
    • Uses of that Information: To provide you with access to our “App” or “Webapp” to use our Services.
    • Use Justification: Contract performance
  • Date of birth, injury symptoms, potential causes of injury symptoms, recovery progress information, postcode, GP practice and phone number (optional).
    • Uses of that Information: To provide you with the Services.
    • Use Justification: Consent (we require your consent to process your sensitive personal data, which is required in order to provide the Services.)
  • Email address, name
    • Uses of that Information: To support your recovery by sending emails with updates, to connect you to your healthcare providers (our clients) and local services of your choice in the treatmentZONE.
    • Use Justification: Consent (we require your consent to process your sensitive personal data, which is required in order to provide the Services.)
  • Email address, name, date of birth, injury symptoms, potential causes of injury symptoms or recovery progress information and postcode
    • Uses of that Information: To administer our Services and for internal operations, including research, data analysis and data statistics, and to create derived, anonymised and aggregated data to improve our Services.
    • Use Justification: Legitimate interest (to administer and improve our Services).
  • Email address
    • Uses of that Information: To notify you about changes to our Services.
    • Use Justification: Contract performance, legitimate interests (to update our Services from time to time).
  • Email address, injury symptoms, potential causes of injury symptoms or recovery progress information
    • Uses of that Information: To contact you where health concerns have been identified during the data processing.
    • Use Justification: Legitimate interest and in order to provide our Service

We will not sell your personal data (or any other data you provide us with) to third-parties, however, we reserve the right to share any data, which has been anonymised and/or aggregated. You acknowledge and accept that we own all right, title and interest in and to any derived data or aggregated and/or anonymised data collected or created by us.

Marketing

We may use information for marketing products and services to you in the following ways:

Types of marketing activity
  • Newsletters and marketing emails relating to our own similar services and products. Where required by law, we will ask for your consent at the time we collect your data to conduct any of these types of marketing.
    • Use justification: Legitimate interest (to market our products and services - you have the right to unsubscribe at any time)

We will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you or you may opt out by contacting us.

Where we store your personal information

The personal data that we collect from you (including email addresses that form part of our prospective marketing database) is processed in the European Economic Area (“EEA”) and stored at UK data centre. Sensitive information between our “Apps” or “Webapp” and our server is transferred in encrypted form using Secure Socket Layer (“SSL”).

Your passwords and data are stored on getUBetter’s servers in encrypted form. We do not disclose your account details. It is your responsibility to keep your password secure. When transmitting sensitive information, you should always make sure that your browser can validate the getUBetter certificate. Unfortunately, the transmission of information via the internet is not completely secure. Although getUBetter will do its best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website, any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent any unauthorised access.

Disclosure of your information

We may also disclose your personal information to third parties in the following circumstances:

Purpose of disclosure and third party(s) to which disclosure might be made
  • We may disclose your personal information to our service providers and business partners: including doctors, GP surgeries, hospitals, healthcare providers (to assist us in performing any contract we enter into with them or you, including providing the Website and the Services it enables), analytics providers, (to assist us in the improvement and optimisation of the App and Website).
    • Use Justification: Contract performance, legitimate interest, (to allow our Service providers to provide the necessary services).
  • If we sell or buy any business or assets, we may disclose your personal information to the prospective seller or buyer of such business or assets.
    • Use Justification: Legitimate interest (to sell our business or assets); and where required by applicable law, consent (for sensitive personal data).
  • If getUBetter is acquired by a third party, personal information about our customers will be one of the transferred assets.
    • Use Justification: Legitimate interest (to sell our Company or assets); and where required by applicable law, consent (for sensitive personal data).
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property, or safety of getUBetter, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
    • Use Justification: Legal obligation, vital interest.
  • We may disclose certain data to organisations involved in clinical trials and other types of research where you have been authorised to do so.
    • Use Justification: Consent.
  • We may disclose your personal information to third parties, the court service and/or regulators or law enforcement agencies in connection with proceedings or investigations anywhere in the world where compelled to do so. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime.
    • Use Justification: Legal obligation (to cooperate with law enforcement and regulatory authorities).

How long we retain your personal data

We will hold the above information for as long as is necessary in order to provide you with the Services, deal with any specific issues that may raise, or otherwise as is required by law or any relevant regulatory body. Once your account is terminated or deactivated, we shall delete the personal data relating to your account within 1 month. If your account is inactive for 12 months, we may contact you to assess whether you want to continue to use the Services. Some personal data may need to be retained for longer than this to ensure getUBetter can comply with applicable laws and internal compliance procedures, including retaining your email address for marketing communication suppression if you have opted not to receive any further marketing.

We restrict access to your personal information to those persons who need to use it for the relevant purpose(s). Our retention periods are based on business needs and your information that is no longer needed is either irreversibly anonymized (and the anonymized information may be retained) or securely destroyed.

Your rights

Under the General Data Protection Regulation (EU) 2017/676, you have various rights in relation to your personal data. All of these rights can be exercised by contacting us at contact@getUBetter.com.

You have the following rights in relation to your personal data:
  • Right to Rectification
    • We will use reasonable endeavors to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to the personal information that you have provided to us by sending us a request to rectify your personal data where you believe the personal data we have is inaccurate or incomplete.
  • Right to erasure / ‘Right to be forgotten’
    • By deleting your account, getUBetter will delete all of your personal data without undue delay (unless there is a legitimate and legal reason why getUBetter is unable to delete certain of your personal data, in which case we will inform you of this in writing).
  • Right to restriction of processing
    • You have the right to ask us to stop processing your personal data at any time.
  • Right to data portability
    • You have the right to request that getUBetter provides you with a copy of all of your personal data and to transmit your personal data to another data controller in a structured, commonly used and machine-readable format, where it is technically feasible for us to do so.
  • Right to complain
    • You have the right to lodge a complaint to a supervisory authority such as the Information Commissioner’s Office in the UK. Although we encourage our customers to engage with us in the event they have any concerns or complaints.

getUBetter will not ordinarily charge you in respect of any requests we receive to exercise any of your rights detailed above; however, if you make excessive, repetitive or manifestly unfounded requests, we may charge you an administration fee in order to process such requests or refuse to act on such requests. Where we are required to provide a copy of the personal data undergoing processing this will be free of charge; however, any further copies requested may be subject to reasonable fees based on administrative costs.
Asking us to stop processing your personal data or deleting your personal data will likely mean that you are no longer able to use getUBetter Services, or at least those aspects of the Services which require the processing of the types of personal data you have asked us to delete, which may result in you no longer being able to use the Services.
Where you request getUBetter to rectify or erase your personal data or restrict any processing of such personal data, getUBetter may notify third parties to whom such personal data has been disclosed of such request. However, such third party may have the right to retain and continue to process such personal data in its own right, for example doctors, GP Surgeries, Healthcare professionals, local health related services or Hospitals. Any changes we make to our privacy policy in the future will be posted on this page, and where appropriate, notified to you by email or notifications via the App. We therefore encourage you to review it from time to time to stay informed of how we are processing your information.

Cookies

A cookie is a small file of letters and numbers that we or third parties may store on your browser or device. We use them to identify and distinguish you from other users of our services, which helps to provide you with a better experience.

The cookies we use are:
  • PHPSESSID- To store a simple message when a form is submitted that can be displayed on a different page. For example, if an enquiry form is completed incorrectly, a message will be stored and presented to the user to indicate the errors in the submission. When an enquiry form is submitted successfully, a message is stored and presented to the user thanking them for their enquiry. No personal information is stored in this cookie.

Please note third parties (e.g. providers of external services like web traffic analysis) may use cookies over which we have no control. You can block cookies by changing the settings on your browser to refuse all or some cookies (remember if you do this you may not be able to access all or parts of our services).

About Us

We're Get U Better Limited, a company registered in England and Wales (company number 08330528). Our office is Albion Dockside Building, Hanover Place, Bristol. BS16UT. UK. Our VAT number is 191176892. We don't guarantee direct responses to queries. When contacting us we strongly recommend you don't email us confidential or personal information. If you do, it's at your own risk.

Contact

Questions, comments and requests regarding this privacy policy are welcome and should be addressed to contact@getUBetter.com. For the purpose of the relevant data protection legislation, the data controller is Our data protection officer is Carey McClellan.