Effective Date: 13/06/2024

Humant Group Limited ("we", "us", "our") is committed to protecting your privacy and ensuring that your personal data is handled in a safe and responsible manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or otherwise interact with us.

Humant Group Limited is a provider of remote patient monitoring solutions. Our registered address is:

Humant Group Limited
Unit 6 Heritage Business Centre
Derby Road, Belper
Derbyshire, DE56 1SW, England

If you have any questions or concerns about our Privacy Policy or data practices, please contact our Data Protection Officer (DPO) at dpo@humant.io.

We may collect and process the following types of personal data:

• Name
• Address
• Email address
• Phone number
• Job title

• Username
• Password
• Other credentials used for accessing our services

• Payment card details
• Billing address
• Transaction history

• Medical records
• Health data
• Other sensitive health-related information (if you are a user of our patient monitoring solutions)

• IP address
• Browser type
• Operating system
• Device information

• Information about how you use our website and services, including the pages you visit and the links you click.
• 
  

• Partner Data: Information from our business partners that help us to provide our services, including marketing data and customer feedback.

We use your personal data for the following purposes:

• To Provide Services: Manage your account, deliver our services, and respond to your inquiries.
• To Process Transactions: Process payments and manage billing.
• To Improve Our Services: Analyze usage data, improve our website and services, and develop new products.
• To Communicate with You: Send updates, newsletters, marketing materials, and other information that may be of interest to you.
• To Comply with Legal Obligations: Comply with legal requirements, such as tax reporting and data protection laws.
• To Ensure Security: Monitor and maintain the security of our systems and your data.

We rely on the following legal bases to process your personal data:

• Consent: Where you have given us explicit consent to process your data for specific purposes.
• Contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
• Legal Obligation: Where we need to comply with a legal obligation.
• Legitimate Interests: Where processing is necessary for our legitimate interests, such as improving our services, provided that your interests and fundamental rights do not override those interests.
• 
  

We may share your personal data with the following parties:

• Service Providers: Third-party vendors who provide services such as IT support, payment processing, and marketing assistance.
• Business Partners: Partners who help us to deliver our services or who provide additional services that complement our offerings.
• Legal Authorities: Authorities or law enforcement agencies, if required by law or necessary to protect our rights.
• Affiliates: Other companies within our corporate group for internal administrative purposes.

We do not sell or trade your personal data to third parties for their marketing purposes.

We may transfer your personal data to countries outside the European Economic Area (EEA) where data protection laws may differ from those in your country. In such cases, we ensure that appropriate safeguards are in place to protect your data, such as standard contractual clauses or other legal mechanisms.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting requirements. For more details, see our Data Retention Policy.

You have the following rights regarding your personal data:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request the deletion of your personal data in certain circumstances.
• Right to Restriction: Request to limit the processing of your data in certain situations.
• Right to Data Portability: Request to transfer your data to another service provider.
• Right to Object: Object to the processing of your data based on legitimate interests or direct marketing.
• Right to Withdraw Consent: Withdraw your consent at any time where processing is based on consent.

To exercise any of these rights, please contact our DPO at dpo@humant.io.

We use appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and secure data storage solutions.

We use cookies and similar tracking technologies to enhance your experience on our website, analyze usage patterns, and deliver targeted advertising. For more information, please see our Cookie Policy.

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the new policy on our website. Your continued use of the website after any such changes constitutes your acceptance of the new Privacy Policy.

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

• Data Protection Officer: dpo@humant.io
• Address: Unit 6 Heritage Business Centre, Derby Road, Belper, Derbyshire, DE56 1SW, England

For complaints or queries related to data protection, you can also contact the Information Commissioner's Office (ICO):

• Website: https://ico.org.uk/
• Phone: +44 303 123 1113
• Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England

Thank you for taking the time to read our Privacy Policy. We are committed to protecting your privacy and ensuring that your personal data is handled with care and respect.

Company Name: Humant Group Limited

Role: Data Processor

Humant Group Limited recognizes the importance of the National Data Opt-out Policy, which allows individuals to opt out of their confidential patient information being used for purposes beyond their individual care and treatment. As a data processor, we are committed to ensuring compliance with this policy in collaboration with our data controllers.

1. Understanding Our Responsibilities:

• We acknowledge that our role involves processing personal data on behalf of data controllers within the NHS and other healthcare organizations.
• We understand that it is our responsibility to support data controllers in adhering to the National Data Opt-out Policy

2. Integration of Opt-out Mechanism:

• We have implemented processes to ensure that any data we process adheres to the opt-out preferences registered by individuals.
• Our systems are designed to respect and integrate the opt-out choices made by individuals, as conveyed to us by data controller

3. Collaboration with Data Controllers:

• We work closely with our data controllers to ensure that any data we handle is in compliance with the National Data Opt-out Policy.
• We support data controllers by providing necessary documentation and data processing agreements that include clauses ensuring adherence to opt-out preferences.

4. Technical and Organizational Measures:

• We have implemented robust technical and organizational measures to prevent the use of data for purposes beyond individual care if the patient has opted out.
• Our systems are regularly updated to reflect the latest opt-out preferences communicated to us by data controllers.

5. Training and Awareness:

• All relevant staff are trained on the requirements of the National Data Opt-out Policy and our responsibilities as a data processor.
• We conduct regular training sessions and updates to ensure continuous compliance with the policy.

6. Monitoring and Reporting:

• We have established monitoring mechanisms to ensure that the National Data Opt-out preferences are being respected and that our systems are functioning as intended.
• We provide regular reports to data controllers on our compliance with the opt-out policy.

7. Data Security and Confidentiality:

• We are committed to maintaining the highest standards of data security and confidentiality.
• All patient data is processed in a secure environment, and we ensure that it is only accessible to authorized personnel

8. Continuous Improvement:

• We are committed to continuously improving our compliance with the National Data Opt-out Policy through regular audits and updates to our systems and processes.
• We welcome feedback from data controllers and other stakeholders to enhance our compliance measures.

By adhering to these principles, Humant Group Limited ensures that we are compliant with the National Data Opt-out Policy and are committed to safeguarding patient information and respecting individual choices regarding data use.

Contact Information: For any queries regarding our compliance statement or data processing practices, please contact us at:

• Data Protection Officer: Dominic Kirkman
• Email: dpo@humant.io
• Phone: +44 (0) 330 043 2063
• Address: Unit 6 Heritage Business Centre, Derby Road, Belper, Derbyshire, DE56 1SW, England
• Website: www.humant.io

Humant Group Limited is dedicated to supporting the NHS and other healthcare organizations in their mission to provide high-quality care while respecting the privacy and preferences of individuals.