Privacy Policy

At Agile Kinetic Limited our mission is to help anyone, anywhere to become, and stay active. Our vision for MobilityHub© is to make effective, personalised musculoskeletal care accessible and sustainable. We are committed to democratising orthopaedic and musculoskeletal healthcare. We achieve this by making it as simple as possible for our users to share information with their clinical teams, via our platform MobilityHub, for effective monitoring, better informed decision making and recommendations. We are passionate about high-quality and convenient healthcare. We are also passionate about privacy. We strive to comply with the General Data Protection Regulation (GDPR)and the Data Protection Act 2018 (DPA).

This policy explains how we use your personal data. We want to help you understand how we work with your data, so that you can make informed choices and be in control of your information. We invite you to spend a few moments understanding this policy. We may update this policy from time to time and, if we make any material changes, we will notify you when we do so. We will provide you with the opportunity to review such changes. By continuing to use our products and services after the changes have been made and we have notified you of them, the way we use your personal data will be subject to the terms of the updated policy.

This policy explains how we use your personal data for our healthcare services and products, including our private service, and our NHS service. It also governs the use of your data through our App, or any of our websites, which will be jointly referred to as our App. Reference to your clinical team includes any clinicians (surgeons, physiotherapists, and clinical support staff linked to your account).

This policy covers:

1. Who we are;

2. What personal data we hold and how we get it;

3. What we use your personal data for;

4. Sharing your personal data;

5. Retention;

6. Data security and transfers; and

7. Your rights.

If you have any further questions about how we process your information, please don't hesitate to get in touch by contacting our Data Protection Officer:

Address: Data Protection Officer,

Email: DPO@agilekinetic.com

1. Who we are

Agile Kinetic Limited is a Private Limited Company registered in England & Wales (Company number 10024755). When this policy talks about ‘Agile Kinetic’, ‘us’ or ‘we’, it means Agile Kinetic Limited. Agile Kinetic Limited are controllers of your personal data provided to, or collected by or for, or processed in connection with our healthcare services. Your relationship is with Agile Kinetic Limited. If for example, you would like to access your data, Agile Kinetic Limited is the entity to which you would make such a request.

 

2. What personal data we hold and how we get it

We use the following categories of personal data:

Personal details

When you register with us, you or your clinical team provide us with basic information about yourself, such as your name, telephone number, date of birth, physical address and email address. You and your clinical team are responsible for the accuracy of the information that you provide to us.

Health and medical information

The main type of information we hold about you is health and medical information: information about your procedure, levels of comfort/discomfort, range of motion, rehabilitation exercise adherence, consultations and sessions. This includes interactions with our digital services, and may include some details of your consultations with your clinical team. Your interactions with our digital services may be shared with your clinical team in order to provide you with a better experience and for the purposes of providing your healthcare.

We get some of this information directly from you and your clinical team, when you register with us and when you use our healthcare services.

If you use our App, we may retain records and/or recordings of our interactions with you. This can include video and audio recordings or images you upload or capture when using our App. This is in order to provide you and your clinical team with an efficient way to check your progress, so that we can enable the provision of high quality care to you, and, to allow us to learn from interactions to improve our services. To monitor our service quality, we may retain records of when you contact our support teams via email, phone or any interactive livechat service on the App. Any recordings will be held securely in accordance with our retention policy.

We may also hold information about you and your activity levels from other apps, devices and services where you have given your consent to that data being shared with us. Examples include where you decide to share information collected from a smart watch or similar device with our App.

Financial information

We do not use or retain any of your financial details such as your credit or debit card information.

Technical information and analytics

When you use our App or visit our website, we may automatically collect the following information where this is permitted by your device or browser settings:

  • technical information, including the address used to connect your mobile phone or other device to the Internet, your login information, system and operating system platform type and version, device model, browser or app version, time zone setting, language and location preferences, wireless carrier and your location (based on IP address); and
  • information about your visit (such as when you first used the App and when you last used it, the duration of your interaction, and the total number of sessions you have had on that App), including products and services you viewed or used, App response times and updates, interaction information (such as button presses or the times and frequency of your interactions with the communications we deliver to you in the App or otherwise) and any phone number used to call our customer service number.

We work with partners who provide us with analytics and advertising services (for our services only and not for third party advertising). This includes helping us understand how users interact with our services, providing our advertisements on the internet, and measuring performance of our services and our adverts. Cookies and similar technologies may be used to collect this information, such as your interactions with our services. You can prevent the setting of cookies by adjusting the settings on your browser or your mobile phone.

Information obtained from third party services

You may choose to connect your existing accounts with other providers (such as a social media provider), for example, when signing up to make it easier to create an account with us. If you choose to do this, we will receive limited information about you from that provider, such as your email address and name. Provided we are acting in accordance with data protection laws, we may also use information from other sources, such as specialist companies that supply information, online media channels, our commercial partners and public registers. This information can for example, help us to improve and measure the effectiveness of our services.


3. What we use your personal data for

The purposes for which we use your personal data and the legal grounds on which we do so are as follows:

Providing you a service

  • We obtain and use your personal details in order to establish and deliver our contract with you.
  • We obtain and use your medical information because this is necessary for the delivery of our service. This includes the information collected through our digital services. It may also include sharing information with other healthcare professionals as necessary for the provision of care to you, such as your surgeon, physiotherapist and other members of your clinical team.

Making healthcare accessible

  • Where you have provided your explicit consent, we will use your medical information (always having removed personal identifiers, such as your name, address and contact details) to improve our healthcare products and services, and our artificial intelligence system, so that we can deliver better healthcare to you and other Agile Kinetic users. This medical information (with your personal identifiers removed in the way described above) may include your daily comfort scores, rehabilitation exercise history, and your interactions with our artificial intelligence computer vision software used to predict range of motion. This does not involve making any decisions which would have a significant effect on you – it is only about improving our products, services and software so that we can deliver a better experience to you and other Agile Kinetic users, and help achieve our aim of making our services affordable and accessible to     everyone. Strict confidentiality and data security provisions apply at all times. This consent relates to information that can identify you.
  • We may obtain and use data about your precise location where you give your consent (through providing us access to your location through your App or browser settings or your address), for example, to help direct you to the nearest physiotherapist or calculate the travel distance to your healthcare centre. We may also derive your approximate location from your IP address.

Keeping you up to date

  • We may use your email address, phone number and/or details to contact you or present you with occasional updates and marketing messages where you have not opted out, based on our legitimate interest in marketing our services to you and subject to your right to opt out at any time.

Other uses

  • Based on our legitimate interest in managing and planning our business, we may analyse data about your use of our products and services to troubleshoot bugs within the App or our website, forecast demand of our services and to understand other trends in use, including which features users use the most and find most helpful, and what features users require from us. This does not involve making any decisions about you that would have a significant legal effect on you – it is only about improving our App so that we can deliver better services to you. Strict confidentiality and data security provisions will apply at all times.
  • Where necessary, we may need to share personal details for the purposes of fraud prevention and detection.
  • We also store your medical information, such as your interactions with our digital services, for safety, regulatory, and compliance purposes. For example, we may need to review your information and, where necessary, make disclosures in compliance with reasonable requests by regulatory bodies including the General Medical Council, MHRA, and Care Quality Commission, or as otherwise required by law or regulation.
  • Where necessary for safety, regulatory and/or compliance purposes, we may audit your interactions with our services. Strict confidentiality and data security provisions will apply at all times to any such audit and access.

4. Sharing your personal data with others

  • We may share your personal data with companies we have hired to provide services on our behalf, including those who act as data processors on our behalf, acting strictly under contract in accordance with Article 28 GDPR. Those data processors are bound by strict confidentiality and data security provisions, and they can only use your data in the ways specified by us.
  • Where you access our services through your health insurance provider or any of our commercial partners we may share with such partner your name, date of birth, email address, policy number, location, and the fact you have registered/used the service (and any other similar information). We will not without your consent share any details relating to the content of your interactions with us or your health/medical records.

Information sharing with other healthcare providers

  • We will, where necessary for your care, share your information with your other health and social care providers. For example, your surgeon, physiotherapist, clinical support team, NHS GP and other NHS bodies,     specialist referral services, therapists, pharmacists, hospitals, accident and emergency services, and other health and care bodies. This may include sharing information with such services for safeguarding purposes in accordance with our legal obligations.

Anonymised information

  • We may display on our website or share with our commercial partners aggregated and anonymised data that does not personally identify you, but which shows general trends, for example, the number of users of our service, statistics related to average recovery rates using our service, and similar metrics.

 

5. Retention periods

We retain your personal data including medical records in accordance with national best practice guidance – in particular, advice provided by the Department of Health (2006) Records management: NHS code of practice, and summary guidance issued by the British Medical Association. We may retain records and aggregate information that does not identify you for legitimate business purposes such as managing or planning our business, or records for other periods as required by law or regulation.

 

6. Data storage, security and transfers

We do not store your personal health data on your mobile device. We store all your personal health data, including your diagnostic information on secure servers.

Where you have chosen a password that enables you to access certain parts of our App, you are responsible for keeping this password confidential. We ask you not to share the password with anyone.

We do not store any credit or debit card information. We encrypt data transmitted to and from the App. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

Your data may be processed or stored via destinations outside of the UK and the European Economic Area (EEA), but always in accordance with data protection law, including mechanisms to lawfully transfer data across borders, and subject to strict safeguards. For example, we work with third parties who help deliver our services to you, whose servers may be located outside the UK or EEA. For further information on the safeguards we take if we transfer data outside of the EEA, contact DPO@agilekinetic.com.

 

7. Your rights

As indicated above, whenever we rely on your consent to process your personal data, you have specific rights under the GDPR and DPA to:

  • withdraw that consent at any time. You can do this by emailing DPO@agilekinetic.com;
  • understand and request a copy of information we hold about you. Subject to our retention periods, certain information related to your range of motion, and recovery process will be accessible via the App. For other     information, you can make a request by email;
  • ask us to rectify or erase information we hold about you, subject to limitations relating to our obligation to store medical or health records for prescribed periods of time;
  • ask us to restrict our processing of your personal data or object to our processing; and
  • ask for your data to be provided on a portable basis.

You may also contact the Information Commissioners Office(the data protection regulator in the UK): Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, telephone: 0303 1231113 (local rate).

 

Contact us

For any questions or concerns, you can contact us by sending an email to DPO@agilekinetic.com.