1.1 This Policy applies to all customers whose personal data are directly collected and processed by Appello.
2.1 The Data Protection Officer is responsible for ensuring that this notice is made available to data subjects prior to Appello collecting/processing their personal data.
2.2 All employees of Appello who interact with data subjects are responsible for ensuring that this notice is drawn to the data subject’s attention and their consent to the processing of their data is secured, where required.
3. Who we are
3.1 The Data Controller is Appello (referred to as “we”, “us” or “our”). Appello is the trading name of the Appello group of companies which includes the following trusted brands: Appello Limited, Cirrus Communication Systems Limited and Careline Monitoring UK Limited. Your data will be shared with Appello group companies for the purpose of managing and maintaining your account and providing products and services you have requested.
3.2 Our Data Protection Officer can be contacted directly by:
Phone: 01425 626329
4. Whose information do we collect?
4.1 If you ask us to provide you with our Emergency Monitoring Service (or other similar services) (“Service”), we will need to collect and use information about:
– the person responsible for paying for the Service;
– the person using the Service;
– any person(s) identified as an emergency contact/next of kin; and,
– the medical practitioner of the person using the Service.
4.2 If you purchase or hire one of our products we will only need to collect information about:
– the person responsible for paying
5. The personal data we collect from/ process about you:
5.1 We may collect and process the following personal data about you depending on the products or services we provide to you:
– Phone number
– Date of birth
– Doctor’s contact details
– emergency contact/next of kin contact details
– Bank details
– National Insurance
*Information about your disability is only processed if you are claiming ‘zero rate’ VAT for the supply of monitoring equipment or Services.
We may also process the following special categories (sensitive) of personal data about you:
– Medical/Health condition(s)
6. How we collect information about you?
6.1 We may collect and process information about you in the following ways:
– information that you provide to us when you phone us; fill in forms on our websites; by completing paper forms that we send out to you or available at other locations; or, when you respond to our promotions;
– if you contact us, we may keep a record of that correspondence;
– when you complete surveys and participate in market research projects that we use for research purposes, although you do not have to respond to them;
– details of transactions you carry out through our website;
– details of your visits to our website and the resources that you access; and,
– any personal information that is generated by the use of a personal emergency alarm, fall detector or any of our other products or services (i.e. information collected by us as a result of calls made to our 24/7 emergency monitoring centre).
7. Why we use the information about you (Purpose)
7.1 We gather this information to allow us to process your registration, process any orders you may make and to provide the goods or services requested. In particular, we (and our service providers when acting on our behalf) may use your information to:
– provide you with goods and services;
– contact you and/or the recipient of the service and any emergency contacts about the service, if necessary;
– analyse the use of any alarms or monitors purchased or hired from us;
– enhance the Service;
– develop new products and services; and,
– contact you to provide voluntary customer satisfaction feedback and suggestions.
7.2 We monitor and record calls and messages to our Emergency Monitoring Centre to enable us arrange for emergency help for you (if required) and for staff training and quality purposes.
7.3 The relevant information is also used by us, our agents and sub-contractors to provide you with statements of your account and to communicate with you on any matter relating to the conduct of your account and the provision of the goods or services or in general.
7.4 If you visit any of our websites we may aggregate information and statistics for the purposes of monitoring website usage in order to help us to develop our website and our services. We may also provide such aggregate information to third parties. These statistics will not include information that can be used to identify you.
7.5 We will use your bank account details to process the payment for the goods and/or Services you have requested from us.
8. Our legal basis for processing your personal data
8.1 We process your personal data on the basis of one or more of the following legal reasons:
– to perform the contract we have entered into with you for the provision of emergency monitoring services or the supply of products; or
– because you have given us your permission.
8.2 We may also use your personal information in the following situations, which are likely to be rare:
– where we need to protect your vital interests (or someone else’s interests).
9. IP addresses and Cookies
9.1 If you use our website, we may collect information about your computer, including where available, your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers.
9.2 For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service.
9.3 For further information about cookies visit www.aboutcookies.org or www.allaboutcookies.org. You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser; however, if you select this setting you may be unable to access certain parts of our site.
10. Disclosure of your personal data
10.1 Appello will not transfer your personal data outside the European Economic Area.
10.2 We may share some parts of your personal data with FirstPort Plc which is a subsidiary of Knight Square Ltd, our parent company. The purpose of this sharing is for the provision of IT and system administration services.
10.4 If there is a change in the ownership of the company that i) collected your data, or ii) which provides any related service, we may disclose your personal information to any new owners.
10.5 We may, under contract, disclose your information to third parties who are involved in providing the Service, including their partners, agents and contractors.
11. Your rights
11.1 At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
– Right of access – you have the right to request a copy of the information that we hold about you;
– Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete;
– Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records;
– Right to restriction of processing – where certain conditions apply to have a right to restrict the processing;
– Right of portability – you have the right to have the data we hold about you transferred to another organisation;
– Right to object – you have the right to object to certain types of processing such as direct marketing;
– Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling; and,
– Right to judicial review – in the event that Appello refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in paragraph 12 below.
12.1 In the event that you wish to make a complaint about how your personal data is being processed by Appello, or how your complaint has been handled, you have the right to lodge a complaint with our Data Protection Officer (see contact details on page 1) and if you are not satisfied with how we have resolved your complaints, you have a right to contact the Information Commissioner’s Office.
13. Retention Period
13.1 We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
13.2 To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means and the applicable legal requirements.
14.1 We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
14.2 We have put in place procedures to deal with any suspected personal data breach and will notify you and the Information Commisioner of a breach where we are legally required to do so.