Mindler Ltd respects your privacy and makes sure that you can feel secure about how we handle your personal data. This personal data protection policy explains how Mindler Ltd collects and processes your personal data when you use the service offered on the application and the website of Mindler Ltd (hereinafter “the Platform”) at the address www.mindler.co.uk (“the Service”). It also describes your rights over your data and how you can exercise them.
WHO IS THE DATA CONTROLLER?
Mindler is also the controller of personal data about you shared or created during teleconsultation sessions IF the psychologist with whom you interact within the framework of the Service (“the Care Provider”), is a Mindler Ltd employee.
If the Care Provider with whom you interact is not a Mindler employee , the Healthcare Provider is the controller of your personal data shared or generated during teleconsultation, and Mindler Ltd acts as a processor of that personal data.
Mindler has appointed Bird & Bird DPO Services SRL as a Data Protection Officer (DPO) and may be reached by using the following email: firstname.lastname@example.org
Key contact: Vincent Rezzouk-Hammachi
By using the Service, you agree to this personal data policy and give your consent for your personal data to be collected and processed in the manner described below. It is important that you read and understand this policy before using the Service.
This personal data protection policy may occasionally be modified or updated, for example if functions are modified or added to the Service. If this is the case, Mindler agrees to notify you when you use the Service or by any other appropriate means, and, where required by law, to obtain your prior consent.
PERSONAL DATA COLLECTED CONCERNING YOU
The following personal data is collected and processed by Mindler Ltd or the Care Provider as part of your use of the Service:
The information you provide to us:
- Identification data and contact details. When you create a user account to use the Service, you must provide identifying information such as your name, date of birth, email address, mobile phone number, etc. This data may also be communicated to our customer service and technical support as part of your use of our Platform.
- Data relating to your health. When using the Service, you may share information about your physical and mental health with the Care Provider. This could include, for example, information about an illness, your medical history or your mental state. This data relating to your health may be collected when, for example, you exchange it orally or in writing with the Care Provider. Data on your health may also be collected when you complete the forms of the Care Provider or when you import files containing this information on the Platform.
- Payment data. If you make payments under the Service, your payment card information will be collected (name, card number, validity period and CVC / CVV code). This information may be kept beyond the full payment term, subject to your express consent, in order to facilitate subsequent payments.
The information you provide in connection with the use of the Service will be processed.
You can choose not to provide personal data in connection with this use, but this may make it more difficult or impossible to provide the Service. For example, the Care Provider may sometimes ask you to answer certain questions before you make an appointment for the Service. Insufficient or inaccurate health data can also have a significant impact on the ability of the Care Provider to provide you with appropriate services.
Information collected by other means:
- Identification data and contact details. If you are invited to use the Service by the Care Provider, the latter will provide, with your express consent, your identification data and contact details in order to register your account on the Mindler Ltd Platform.
- Connection data. When you use the Platform, information relating to your computer (or mobile device) is collected by means of cookies, such as IP address, language, browser type and version, operating system and resolution. screen as well as the date and time of your connection to the Mindler Ltd Platform. Information relating to the cookies used on the Platform is available at the following address: https://mindlercare.com/uk/cookiepolicy/
- Data collected through social networks. Mindler Ltd is present on various social networks, including Facebook, Instagram and LinkedIn. As such, Mindler may process the public data of the profiles of users of these social networks who share, subscribe, follow or come into contact with Mindler Ltd on these platforms. Mindler Ltd can not be responsible for your public data, accessible on these networks and platforms. We therefore advise you to read the privacy policies applicable on each of these platforms in order to configure your privacy settings.
Sound, videos and images collected during the use of the Service are not recorded or saved. Audio, videos and images are deleted in real time and are not saved in any way after using the Service. However, please note that the images and files that you download as part of the use of the Service are collected and stored on the Mindler Ltd Platform.
THE PURPOSES AND FOUNDATIONS OF THE PROCESSING OF YOUR DATA
Your personal data is primarily processed to provide, perform and improve the Service. Mindler Ltd or the Care Provider processes your personal data for the following purposes:
- To provide the Service. Your personal data and contact details will be processed in order to manage your account and allow you to benefit from the Service. For example, we use your personal data to confirm your identity when you log in to the Service, your payment information to make and manage your payments under the Service and login data to ensure that the Service is presented in the best way possible for you and your device.
- To communicate with you. Your identification data and contact details (including your email address and mobile phone number) may be used to send you notifications and communications such as reminders and confirmations of teleconsultation appointments. If you agreed to sign up to our newsletter via the form on our website, your email address may be used to contact you for marketing purposes, including but not limited to sending you promotional marketing emails and marketing newsletters. You can turn off notifications in your settings on the Mindler Ltd Platform. Your contact details are also used to communicate with you and respond to your requests and requests for information on the Services offered by Mindler Ltd.
- To provide the Service to you. Your personal data (including your health data) will be processed by Mindler or the Care Providers in order to provide you with consultancy services within the framework of the Service.
- To improve the provision of the Service. Your personal data (excluding all health data) may be used to investigate the quality of the Service, respond to and resolve complaints and technical problems related to the provision of the Service (e.g. software bugs).
- To establish statistics. Your personal data can be used after being anonymized to establish statistics. The statistics can, for example, relate to the reasons for teleconsultations with the care providers, the frequency of cancellation or postponement of the teleconsultations, the usual duration of the teleconsultations as well as the average age and the geographical distribution of the users of the Service.
Your personal data is processed in accordance with the privacy laws in force in the UK, and in particular under the following conditions:
when this is necessary for the execution of a contract within the framework of the provision of the Service (eg: organization of teleconsultations with care providers);
when this is necessary to comply with Mindler Ltd legal or regulatory obligations as imposed by the legislator (eg: fight against fraud, etc.);
when the legitimate interests of Mindler Ltd justify it (eg: security measures, functioning of the Platform, etc.);
when this is necessary for the exercise or defense of a legal right of Mindler Ltd (eg: debt collection, civil or criminal liability action, etc.).
THE DURATION OF RETENTION OF YOUR DATA
Your personal data is only kept for as long as it is necessary to achieve the purposes of the processing, as described above, and in any event, in compliance with the legal retention periods. Unfortunately, it is not possible to specify in advance the exact length of this period for all data.
In general, your personal data is saved on the servers hosting the Platform as long as your account is active. If you have not used your account for 2 years, it will be automatically deleted along with your personal data and contact details. As a general rule, technical data is erased or anonymized 60 days after the interview with the care provider.
However, your personal data may need to be saved for a longer period, if this is required by law.
YOUR DATA MAY BE SHARED WITH THIRD PARTIES
When the Care Provider acts as the data controller of your data, it communicates this data to Mindler Ltd, acting as a subcontractor, which makes its Platform available to it for the provision of the Service. This communication is carried out in strict compliance with applicable regulations and while preserving the security of your data.
Mindler Ltd communicates some of your collected data to technical service providers responsible for the maintenance and hosting of its IT system and its Platform, to the service provider offering its online payment solution, as well as to service providers. responsible for the marketing department, the sales department, the legal department, the litigation department, the accounting department and those responsible for handling the relationship with you, only for the purposes mentioned above and to the extent necessary for the accomplishment of the tasks assigned to them conferred.
Mindler Ltd requires these recipients to use your personal data only to manage the services for which they are responsible and in accordance with applicable laws and regulations on the protection of personal data.
Where applicable, your personal data may be communicated to third parties authorized by law (in particular in the context of an express and reasoned request from the judicial authorities).
Likewise, if Mindler Ltd is involved in a merger, acquisition, disposal of assets or reorganization proceedings, it may have to sell or share all or part of its assets, including your personal data. In this case, you will be informed before any transfer of your personal data to a third party. Finally, Mindler Ltd informs you that it will not communicate your data to any third party for the purposes of commercial prospecting.
YOUR DATA WILL BE PROCESSED WITHIN THE EU / EEA OR THE UK
The User’s personal data is stored within the European Union/UK in the databases of Mindler Ltd or those of its service providers.
Your personal data will not be transferred or processed in a country outside the EU / EEA / UK without your explicit consent.
YOUR RIGHTS OVER YOUR DATA
This is your personal data. You therefore have the right to obtain information on the processing of your personal data and to determine the modalities. Below is a brief summary of your rights.
- a right of access to your data: you have the right to obtain confirmation that your data is being processed or not as well as the communication of a copy of your data and information relating to the characteristics of the processing carried out on this data ;
- a right to rectify your inaccurate information and incomplete data;
- a right to the erasure of data which is no longer necessary for the processing, a right to withdraw your consent to the processing, a right to oppose the processing of your data when there are no grounds legitimate and compelling justifying the processing, a right of opposition to commercial prospecting;
- a right to restriction of processing in the event of inaccuracy of your data while they are being checked, or when they are no longer necessary for the exercise of legal rights;
- a right to the portability of your data, in order to request the transmission to another controller of the data provided with your consent or on the occasion of the conclusion of the contract; and
- a right not to be the subject of a decision based exclusively on automated processing producing significant legal effects concerning you.
Certain legal provisions may limit the exercise of some of your rights. Mindler Ltd or the Healthcare Provider may in particular be bound by a legal or ethical obligation to keep your data for a defined period. If your data must be kept due to legal obligations, it will only be used to the extent necessary to meet these obligations and for no other purpose.
YOU CAN CONTACT US AT ANY TIME
Your request must specify your first and last names, e-mail address or postal address to which you want Mindler to send a response.
For security reasons and to avoid fraudulent requests, you may be asked to provide proof of identity before a request can be published.
In accordance with the law, your requests will be answered within one month of receipt (or receipt of satisfactory proof of ID).
You have the right to lodge a complaint with the Information Commissioner’s Office in the UK if you believe that the processing of your personal data does not comply with the applicable regulations.