App Privacy Policy

Who we are

Our website address is: http://myskinselfie.org.uk.

Newcastle Hospitals NHS

Trust (“NUTH”) , collectively (“we”,

“us”), the owner of [MySkinSelfie] and [SkinSelfiePortal] , an online mobile

application for skin monitoring (the “Site”, or “Service”),

recognizes the importance of your privacy. Therefore, we have created this

you make it available to us. This Privacy Policy applies solely to information

collected at this Site. By using or accessing the Site, you signify your

agreement to be bound by our Privacy Policy.

IF YOU DO

NOT AGREE TO THIS PRIVACY POLICY YOU MAY NOT ACCESS OR OTHERWISE USE OUR SITE.

Personal

Information that we collect: We do not collect personal information from

you unless you voluntarily provide it to us, such as when you register for the

app. The only information needed to register for the app is forename, surname and email address.

You are responsible for any images that you choose to load onto the app. All images are fully encrypted on your phone and in the Microsoft Azure Cloud. The main point of security weakness will be your password for the app . Newcastle Hospitals takes no responsibility for security breaches due to account access via your selected password. As the creator of the images you are the data controller which means that you have responsibility for the data. All of the images are stored in the Microsoft Azure Cloud which has full authorisation for storage of NHS data. Microsoft Azure is a data processor which means they handle the encrypted image data that you upload. Microsoft take full responsibility for the security of your data. Newcastle Hospitals is the account holder for the MySkinSelfie Microsoft Azure account and we trust and contract Microsoft to keep your data safe.

If a clinic asks you to share your images for use in a medical consultation make sure that you are happy to share the images. Only clinics that have a registered account with MySkinSelfie will be able to create digital clinics for you to share images with. When you share images you will complete a within app consent process to say what you give consent to for the use of the images. You must agree to medical records. This means that your image data will be transferred to your hospital record so that the medical staff can complete their assessment of your skin problem. You may also consent to teaching or research etc. Once your image data is in your hospital record you will need to follow the hospital rules for getting access to your medical records if you want to.

Non-personal

or Aggregate Information that we collect: We may collect non-personally

identifiable information, such as IP host address, pages viewed, browser type,

duration and frequency of visits or other data, and may aggregate any

information collected in a manner which does not identify any individual

(“Aggregate Information”). Aggregate Information obtained in connection with

the Site may be intermingled with and used by us in conjunction with

information obtained through sources other than the Site, including both

offline and online sources. Aggregate Information may be shared by us with

third parties by allowing them to link to and collect data from the Site. This

data will be used for their benefit and for ours, for marketing advertising or

other purposes, including analysis of the Site for purposes of improving your

experience with the Site and academic publication.

Clickstream: As

you use the Internet, a trail of electronic information is left at each website

you visit. This information, which is sometimes referred to as “clickstream

data,” can be collected and stored by a website’s server. Clickstream data can

tell us the type of computer and browsing software you use and the address of

the website from which you linked to the Site. We may collect and use

clickstream data as a form of Aggregate Information to anonymously determine

how much time visitors spend on each page of our Site, how visitors navigate

throughout the Site and how we may tailor our web pages to better meet the

needs of visitors. This information will be used to improve our Site and our

services. Any collection or use of clickstream data will be anonymous and

aggregated, and will not intentionally contain any personal information. We may

also use this aggregated data in order to conduct academic research studies. As

a result of these academic research studies we may publish the anonymous

aggregated data we have outlined.

Information

Usage: We will only use your personal information as described below,

unless you have specifically consented to another type of use, either at the

time the personal information is collected from you or through some other form

of consent from you or notification to you. We may use your personal

information as follows: (i) to respond to your inquires or requests; (ii) to

send you emails and newsletters from time to time with information about our

Site; (iii) to share with our partners, by allowing them to link to and collect

your information from the Site; (iv) we may permit our vendors and

subcontractors to access your personal information, but they are only permitted

to do so in connection with performing services for us; (v) we may disclose

personal information as required by law or legal process; (vi) to investigate

suspected fraud, harassment or other violations of any law, rule or regulation,

or the terms or policies for our services or our sponsors and (vii) we may

transfer your personal information in connection with the sale or merger or

change of control of [the service].

Cookies: Our

Site may pass a “cookie” (a string of information that is sent by a website to

reside on your system’s hard drive and/or temporarily in your computer’s memory

blocks) or similar items, such as web beacons, gifs, and tags. The purpose of a

cookie is to tell the web server that you have returned to a particular page.

You may set your browser to decline cookies. If you do so, however, you may not

be able to fully experience some features of the Site. Additionally, we may

include small graphic images in our email messages and newsletters to you in

order to determine whether these messages were opened and whether any links

contained in these messages were viewed.

Security: We

will ensure that we put in place and will maintain appropriate technical and

organizational measures to safeguard any personal information submitted onto

the Site. All skin images taken using MySkinSelfie are encrypted prior to

uploading to our server and on downloading from the server. However, you

acknowledge that due to the inherent open nature of the Internet, no

transmission via the Internet can be guaranteed to be 100% secure. As a result

of this and other factors beyond our control, we cannot guarantee the security

of the information that you transmit to or through our Site. Therefore, you

assume that risk by using the Site.

Your

Disclosure on the Site and in Social Media: You should be aware that any

information that you submit to any portion of the Site that is viewable by the

public, such a publicly accessible blog, chat room, social media platform or

otherwise online may be viewed and used by others without any restrictions. We

are unable to control such uses of your personal information, and by using such

services you assume the risk that the personal information provided by you may

be viewed and used by third parties for any number of purposes.

Protection

for Children: We do not collect personal information from children under

the age of 18 years old. When we become aware that personal information from a

child under 18 years old has been collected without such child’s parent or

guardian’s consent, we will use all reasonable efforts to delete such

information from our database. We encourage parents to monitor the online

activities of their children to ensure that no information is collected from a

child without parental permission.

Other

Sites and Applications: As a convenience to you, we may provide links to

third-party sites from within our Site. We are not responsible for the privacy

practices or content of any third parties or third-party sites. We encourage

you to review these privacy policies to ensure that you are familiar with their

terms.

If you

use any extra plug-ins or third party applications (“Applications”) in

connection with the Site, the provider(s) of these Applications may obtain

access to certain personal information about you. We do not and cannot control

how the providers of Applications may use any personal information collected in

connected with such Applications. Please be sure to review any privacy policies

or other terms applicable to your use of these Applications prior to

installation.

Changes

to this Privacy Policy: We reserve the right, at our discretion, to

change, modify, add, or remove portions from this Privacy Policy at any time.

Your continued use of the Site following the posting of any changes to this

We are

not, however, responsible for removing your personal information from the lists

of any third party who has previously been provided your information in

accordance with this Privacy Policy or your consent, such as a sponsor. You

should contact such third parties directly if you wish to have your personal

information removed from their lists.

Communications

with Us: By providing your email address to us, you expressly consent to

receive emails from us. We may use email to communicate with you, to send

information that you have requested or to send information about other products

or services developed or provided by us or our business partners, provided

that, we will not give your email address to another party to promote their

products or services directly to you without your consent or as set forth in

this policy. Any communication or material you transmit to us by email or

otherwise, including any data, questions, comments, suggestions, or the like

is, and will be treated as, nonconfidential and non-proprietary. Furthermore,

you expressly agree that we are free to use any ideas, concepts, know-how, or

techniques contained in any communication you send to us without compensation

and for any purpose whatsoever, including but not limited to, developing,

manufacturing and marketing products and services using such information.

Site

incorporated into such terms. Your use, or access, of the Site constitutes your

agreement to be bound by these provisions.

IF YOU DO

NOT AGREE TO THESE TERMS OF USE YOU MAY NOT ACCESS OR OTHERWISE USE THE SITE.

Transfers

of Personal Data Outside the EEA: The personal data that we collect from

you may be transferred to, and stored at, a destination outside the European

Economic Area (“EEA”). It may also be processed by staff operating

outside the EEA who work for us or for one of our suppliers. By submitting your

personal data, you agree to this transfer, storing or processing. We will take

all steps reasonably necessary to ensure that your data is treated securely and

in accordance with this privacy policy.

Contact: For questions or concerns relating to privacy, we can be contacted at: nuth.myskinselfie@nhs.net

Effective

Date: This Privacy Policy was last updated on 11.11.2021

v1 15.08. 2019.

V2 26.05.2021

RIGHTS RESERVED

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Additional information

How we protect your data

All of the images and data uploaded to MySkinSelfie are encrypted both on the phone and then again when the data is uploaded to the cloud. The only way that anyone could access your images is by having access to your username and password. This by far the most common way for data breaches to occur so take proper care with your login details.