Version September 2023
This VISO Privacy Statement applies to your use of the mobile application ‘VISO’ and any updates or supplements to it (“App”), once you have downloaded the App onto your smartphone or other handheld device (“Device”).
Your GP is using the VISO dashboard (“Dashboard”) and has invited you to use the App. In particular you will be asked to enter certain personal data in the App which, in combination with the data entered by your GP in the Dashboard (which includes health data relevant to the management and treatment of a particular health conditions), will allow the App to suggest to your GP decisions regarding your medication plan. Those suggested decisions will be shared with your GP in the Dashboard as specific actions that your GP can follow.
Disclaimer: VISO does not support sharing data with other OMRON connected apps, nor does it support sharing data with other users in-app.
Your GP is using the VISO dashboard (“Dashboard”) and has invited you to use the App, in order to be able to remotely monitor and manage your health condition. You will be asked to enter certain personal data in the App which, in combination with the data entered by your GP in the Dashboard (which includes health data relevant to the management and treatment of a particular health condition), will allow the App to suggest decisions regarding your medication plan to your GP. Those suggested decisions will be shared with your GP in the Dashboard as specific actions that your GP can follow. Decisions taken by your GP may also be shared with you through the App.
For the purpose of providing the VISO service to you, the data controller under UK Data Protection Legislation is your GP Practice. OMRON Healthcare Co. Ltd (“OMRON”) has developed and administered the App on behalf of the GPs and acts as data processor.
Any questions about the service provision and the way that your personal data is collected and used to provide the service by the GP, including the data processing activities that you may opt out of, should be addressed to your GP practice.
As part of our continued improvement of the VISO service, OMRON collects feedback of end users of the App. While using the App, you may therefore be asked certain questions about your experiences with the App. For the purposes of collecting and analysing this feedback, OMRON will be the data controller of the collected data. OMRON relies on its legitimate interests in improving its products and services.
When requesting your feedback within the App, OMRON will not process any health-related data. OMRON will only process the following general categories of personal data for this purpose:
In addition to the above, only upon your explicit consent, OMRON may also analyse anonymized versions of the health data, which may include physical and/or mental health data, entered by you in the App and your GP in the Dashboard, in order to improve OMRON’s products and services. OMRON will ensure that, upon your consent, your data is in no way traceable back to you. Your explicit consent will be asked within the App. You are not required to give us your consent and withholding your consent will not impact the provision of the VISO service to you in any way.
OMRON will not collect more data than what is necessary to improve our products and services. In fact, we aim to limit the processing as much as possible to what is strictly necessary. The data we collect from you will not lead to decision-making based solely on automated means. If OMRON intend to process your personal data for a purpose other than improving our products and services, OMRON will inform you of this in advance. Should the legal basis for one of the processing has been consent, OMRON will re-obtain your consent.
Please note: this App is not intended for children’s use. Should your child have used the App and provided their personal data without your parental consent, please contact us at the address shown in the section “Contact”.
Please note that if you access our service using your NHS login details, the identity verification services are managed by NHS England. NHS England is the controller for any personal information you provided to NHS England to get an NHS login account and verify your identity, and uses that personal information solely for that single purpose. For this personal information, our role is a “processor” only and we must act under the instructions provided by NHS England (as the “controller”) when verifying your identity. To see NHS England’s Privacy Notice and Terms and Conditions, please click here. This restriction does not apply to the personal information you provide to us separately.".
The following sections (sections 2-10) only apply to the extent OMRON acts as data controller, as described above.
You may request to cancel your account by informing your GP that you no longer wish to take part in the service.
We may disclose the data we collect from you to affiliated OMRON group entities to assist in the provision of the VISO service and for purposes of improving our products and services. These entities will provide services as data processors and only process your personal data under the authority and instructions of OMRON. Where necessary, OMRON has entered into contractual agreements with relevant affiliated group entities to safeguard the protection of personal data.
We may also disclose your personal data to (other) third parties:
OMRON has also engaged a third party to provide the feedback feature described in Section 1 of this Privacy Statement. However, OMRON will not share any personal data (including health data) with this third party, but solely de-identified data. At all times, OMRON will be the only party that is able to identify end-users.
The data that we collect from you will be transferred to, and stored at, a destination inside the European Economic Area (“EEA”). Your personal data may also be transferred to and used in countries outside the EEA and UK for the purposes described in this privacy statement. Such countries may not have the same level of protection as the country in which you reside. OMRON guarantees that all such data transfers are in accordance with applicable privacy legislation. OMRON will enter into ‘Model Clauses’ with entities in such countries. Model Clauses are standardized contractual clauses used in agreements between data controllers and data processors, or between data processors and sub-processors, to ensure that any personal data leaving the EEA or UK will be transferred in compliance with UK data protection law and meet the mandatory requirements. In addition, OMRON will adopt supplementary measures where necessary.
We have implemented technical and organizational measures to protect your personal data against unauthorized access, use and disclosure. All data you provide to us is stored on secure servers. Any data used for the purposes of improving OMRON’s products and services is anonymised before being further processed. Any data transfer will be encrypted using Secured Sockets Layer technology. Where we have given you (or where you have chosen) a password that enables you to access the App, you are responsible for keeping this password confidential. We ask you not to share a password with anyone including support staff.
We will retain your personal data unless your GP request us to cancel your account or until we cancelled your account due to inactivity. We will consider your account ‘inactive’ if you don’t use the App during a two-year period, after which your personal data will be deleted. Before your account becomes inactive, we will notify you by email requesting you to use the App to prevent your account becoming inactive. We will cancel your account within thirty (31) calendar days of it becoming inactive at which time all of your personal data will be deleted. We may only keep your data if it is anonymized in a way that it cannot be linked back to you.
We process your personal data in accordance with the provisions of the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018. Based on these data protection legislation you have several rights with regards to our processing of your personal data, including:
The App may contain links to and from our partners and affiliates. If you follow any of these links, please note that they have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected by them. Please check their policies before you submit any personal data to them.
Any material changes we may make to our privacy statement in the future will be notified to you.
OMRON processes your data in order to support your GP to make decisions about your care. If you have questions or concerns about clinical safety of VISO, you can contact our Clinical Safety Officer, Eric Bulwer, at eric@safehand.co.uk. Eric is a qualified professional Clinical Safety Officer with a medical professional background.
To the extent you have any questions or requests regarding the processing of your personal data, including the request to exercise your rights as described in this Privacy Statement, you can contact OMRON’s representative in the UK: OMRON Healthcare UK Ltd. The UK representative can be reached via email at support-viso@omron.com, the ‘contact us’ function within the App, or by regular mail to:
Omron Healthcare UK Ltd
Opal Drive, Fox Milne Milton Keynes,
MK150DG United Kingdom
The UK representative will do its utmost to respond in a timely manner (and no later than ten (10) days upon receipt) to your questions and/or requests regarding the processing of your personal data.
The address of Omron Healthcare Co. Ltd, the data controller, is as follows:
Omron Healthcare Co., Ltd.
53 Kunotsubo, Terado-cho, Muko, Kyoto
Japan
Further information can also be found on https://www.omron-healthcare.co.uk/viso-learn-more.html