We are Hydrosense Ltd (”we/us/our”) and we are committed to protecting and respecting your privacy. We are a company incorporated in Scotland (registered number SC204853) with registered office at Suite 2, Ground Floor, Orchard Brae House, 30 Queensferry Road, Edinburgh, EH4 2HS.
- in relation to our website at www.hydrosense-legionella.com (“Site”);
- through use of our Hydrosense smartphone-based diagnostic test reader app (“App”); or
- through our portal accessed via https://hydrosensepro.com/login/ (“Portal”)
will be processed by us.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the Data Protection Legislation, as that legislation may be amended or replaced (the “Act”), we are the data controller.
“Data Protection Legislation” means (i) the Data Protection Act 1998 (until May 24th 2018); or (ii) unless and until the GDPR is no longer directly applicable in the UK, the GDPR and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK; or (iii) any successor legislation to the GDPR or the Data Protection Act 1998;”
Information we collect from you
We may collect and process the following data about you:
- Information that you provide by filling in forms on our Site or registering to use our Site.
- If you contact us, we may keep a record of that correspondence. We may also ask you for information when you report a problem with our Site.
- Technical information we collect automatically when you visit our Site, including, but not limited to, the IP address used to connect your computer to the internet, your browser type and version and your browser plug-in types and version.
- Information about your visit to our Site which we collect automatically, including but not limited to, traffic data, location data, weblogs and other communication data.
- Registration Information – this is information you give us about you when you register the App and to use the Portal or by corresponding with us. We will request your name, email address and location in relation to the registration process.
- Device Information – this is the technical information we automatically collect from the device you have downloaded the App on (Device) when you use the App including the type of device, a unique device identifier (for example, your Device’s IMEI number, the MAC address of the Device’s wireless network interface, or the mobile phone number used by the Device), mobile network information, your mobile operating system, the type of mobile browser you use, and time zone setting.
- Location Information – this the data on the location for the tests run and verified using the App and may also include GPS technology information we use to determine your current location. You can turn off this GPS functionality at any time by turning off the location services settings on the Device but doing so may not enable you to use the full functionality of the App and Portal.
- Account Information – this is the information on the use of your Account related to your use of the App and Portal.
- Reports Information – this is information recorded from your use of the App, including conformance reports and results data (to the extent that this includes any personal data).
Our Site may use certain cookies from time to time. A cookie is a small file of letters and numbers that we store on your browser. This allows us to distinguish you from other users of our site, which helps us to provide you with a good experience when you browse and also allows us to improve our site. You can change your website browser settings to reject cookies at any time, although this may impair the functionality of our site.
Uses made of the information
We may use information held about you in the following ways:
- to provide you with information you request from us.
- to provide you with the service we provide via the App and Portal (“Service”).
- we use Registration Information in relation to setting up your account to enable us to provide our Service.
- to provide and to help maintain, protect and improve the App, Portal and Service, and to notify you about changes to them.
- we use Device Information to tie the Device to the user of the Device and the related account.
- we use Location Information to track the location and time of your use of the App and submission of data for the purpose of providing our Service.
- to ensure that content from our Site, App and Portal is presented in the most effective manner for you and for your computer/ device.
- we use Registration Information and Location Information for the purposes of security, and prevention and detection of fraud.
- to administer our site and for internal operations, including troubleshooting and testing.
- We also use Account Information for the purposes of statistical analysis of the use of our App and Service, including the creation of anonymised data which we may use at our discretion.
- We use limited Registration Information (name and email) for internal marketing purposes (e.g. use based prizes).
- Where you have given us consent, we may use Registration Information, Device Information and Reports Information to send you push notifications about services that we offer (or that selected third parties offer) that may be of interest to you. We do not sell your data to third parties and no third party will contact you unless you have specifically requested this.
Basis for processing
We are entitled to use your data as described in paragraph 1 above as we are responding to your request and therefore have your consent to this processing.
We are entitled to use your data as described in paragraphs 2, 3, 4, 5 and 6 as we require to do this as part of our agreement with you to provide the Service.
We are entitled to use your data as described in paragraphs 7, 8, 9, 10 and 11 above as the purposes stated are within our legitimate interests. Our legitimate interests include:
- the creation and use of anonymised data to be used by us and our research partners for epidemiological research (i.e. combatting Legionella bacteria, Legionnaires’ Disease and Legionellosis globally) and education.
- Use of anonmyised data for awareness raising of the threat of Legionella bacteria, Legionnaires’ Disease and Legionellosis globally.
We will only process your data described in paragraph 12 if you have consented to this, which is our basis for processing such data.
Disclosure of your information
You agree that we have the right to share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may disclose your personal information to third parties:
- in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets to the extent this cannot reasonably be redacted.
- If we or substantially all of our assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets to the extent this cannot reasonably be redacted.
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation,
Basis for processing
We are entitled to disclose your data as described in paragraphs 1 and 2 above as it is within our legitimate interests to run our business and/or secure investment.
We are entitled to disclose your data as described in paragraph 3 on the basis that we are legally required to do so.
We are entitled to disclose your data as described in paragraph 4 above as the purposes stated are all within our legitimate interests.
Where we store your personal data
All information you provide to us is stored on secure servers and we will use strict procedures and security features to try to prevent unauthorised access. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site and any transmission is at your own risk.
How long we will store your personal data
We only store your information for as long as is necessary for the purpose it was obtained or for any additional purpose we have explained to you.
Under data protection legislation you have a number of rights in respect of information held about you. These rights are as follows, and can be exercised in accordance with the applicable legislation:
- Access to information: You have the right to request a copy of the information we hold about you. If you would like a copy of some or all of your personal information, please email us at firstname.lastname@example.org.
- Ensuring accuracy of information: We want to make sure that your personal information is accurate and up-to-date. You may ask us to correct or complete information that is inaccurate or incomplete.
- Right to erasure: You may have a right to erasure, which is more commonly known as the ‘right to be forgotten’. This means that in certain circumstances you can require us to delete personal information held about you.
- Ability to restrict processing: You may also have the right to require us to restrict our use of your personal information in certain circumstances. This may apply, for example, where you have notified us that the information we hold about you is incorrect and you would like us to stop using such information until we have verified that it is accurate.
- Right to data portability: You may have the right to receive personal data we hold about you in a format that enables you to transfer such information to another data controller (e.g. such as another service provider).
- Review by an independent authority: You will always have the right to lodge a complaint with a supervisory body. The relevant authority in the UK is the Information Commissioner’s Office.
- Preventing direct marketing: We do not sell your data. From time to time, we may send emails containing information about new features and other news about us, or push notifications via our App about services we or third parties offer that may interest you. This is considered direct marketing. You have the right to stop us from contacting you for these purposes and we will not normally do so unless we have obtained your consent in advance. We will always inform you if we intend to use your personal data for such purposes, or if we intend to disclose your information to any third party for such purposes. You can usually exercise your right to prevent such marketing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at email@example.com.
- Objecting to other uses of your information: You may also have the right to object to our use of your information in other circumstances. In particular, where you have consented to our use of your personal data, you have the right to withdraw such consent at any time. You may do this by contacting us at firstname.lastname@example.org.
Changes to our policy
Any changes we make to our policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our policy.
Questions, comments and requests regarding this policy are welcomed and should be addressed to email@example.com.