Privacy Policy

This privacy notice is effective as of 7th October 2021.

Facilitating the sharing and discussion of different ideas and approaches in medicine is the cornerstone of what we do. To that end, our online community offers medical professionals around the world the chance to interact and connect with one another. In providing this service, we are committed to maintaining your trust and confidence with respect to your privacy.

This privacy notice explains how we collect, use and share your personal data when you use our website and application.

  1. About our privacy notice
  2. Personal information we collect
  3. How we use your personal data
  4. How we share your personal data
  5. How we store your personal data
  6. Your data protection rights
  7. How to contact us

  1. About our privacy notice

    This privacy notice applies to our website and app, including programs and events, that refer or link to this privacy notice (the “Services”). For the purposes of any data you provide, or that is collected by us for or in connection the Services, Reachora Limited trading as Wondr Medicalwill be the controller of your data.

    It is important that you read this privacy notice, andany other documents referred to in this privacy notice, together with any other privacy notice we may provide on specific occasions (such as when registering for a live event) so that you are fully aware of when and how we are collecting or processing your personal data, and why we are using your data.

    Historic versions of our privacy notices can be obtained by contacting us at hello@reachora.com.

    Words and phrases defined in the Terms of Use have the same meaning in this privacy notice unless specified otherwise.

  2. Personal information we collect

    We collect information about you in multiple ways; directly from you, from third-party sources, and through automated technologies.

    Data collected from automated technologies We and service providers acting on our behalf, like Google Analyticsand Facebook, store log files and use tracking technologies such as:

    • Cookies which are small text files that are stored by your browser when you visit a website. This identifies the browser used and can be recognised by our web server. We use informationcaptured by those cookies when you use or access the Services, visit our website, or when you visit or access websites or apps provided by other companies that use or incorporate the Services.

      We use both “session cookies” (which expire and are deleted once you close your browser) and “persistent cookies” (which stay on your device for a specified period of time or until you delete them). How we use data obtained from cookies is documented in Section 3.

      Opt in to our use of cookies and other similar technologies
    • Web beacons,which let us know if a certain page was visited or whether an email was opened

    • Tracking pixels, which allow us or our advertising partners to advertise more efficiently and effectively.

    • We and our services providers use these technologies to collect and analyse technical information including:

    • IP address
    • Device type
    • Your operating system version
    • Your browser type and version
    • Referring and exiting pages and URLs
    • The number of clicks on a page
    • Pages viewed and the order of those pages
    • The amount of time spent on particular pages
    • You have a number of controls (detailed below) over how we use these technologies. Please note that, if you limit or restrict our ability to use cookies, this may have an impact on your experience in using the Services. For example, the Services may no longer be as personalised to you and performance of the Services may be affected.

      Your account settings: We provide tools in your account settings area that allow you to reject/turn off theuse of certain non-essential cookies (such as those used for analytics, or to show you tailored ads).

      Browser settings: Your web browser or device may offer settings that allow you to choose whether cookies are permitted. It may also offer you the chance to review and erase cookies (including cookies you receive from your use of the Services). For more information about what cookie controls your browser or device offers, please visit the relevant section of your browser’s or device’s settings.

      We respect Do Not Track signals.

    Data you provide to us

    The types of personal information that we collect directly from you depends on the content and features of the Servicesyou use and how you otherwise interact with us and may include:

    Data you provide when you register, such as your name, email address and password, medical specialty, hospital and years of practice;

    Profile Informationwhich may include your medical speciality, hospital, years of practice, photo, a list of your publications, meetings you are attending, and a personal bio. Any information you include on your profile, you do so at your discretion. We recommend that you do not add any informationto your profile that you are not comfortable with being publicly available;

    Public information that you provide to us as part of interacting with the Service, such as when you share content, follow topics and channels, search queries, make comments, or automatically link your account with Twitter(which will mean that Twitter posts get cc’d into our network feed);

    Data from non-public communications (direct messaging and Rooms),such as who you have interacted with and when, and the content of those communications.

    Information that you communicate to us, such as questions or information you send to customer support;

    Any data that you provide must comply with the Community Guidelines.

    Data others provide about you

    In having an open system for communication, it is possible that others may also share content using the Servicesthat includes data about you (e.g. through academic papers, posts, comments, or video content).

    Data from your use of the Services

      The Servicesmay automatically collect information on how you and your device interact with the Service such as:

    • Computer, device and connection information, such as IP address, browser type and version, operating system and other software installed on your device, unique device identifier and other technical identifiers, error reports and performance data.
    • Usage data, such as logs of when you visit or use our Services, browsing actions and patterns, when you view or click on content or ads (on or off our website), when you share content, what sites you visit after you leave our Services, referring domains, and any other data that your device may send to us based on your phone settings (e.g. location data). To link you with this log of activity, we use your log-in information, cookies, device information, and IP address.
    • We collect this data through our serversandthe use of cookies and other similar technologies. We use cookies to collect data to link you and your device(s) with your activity when using our Services.

      We use cookies from third parties (such as Google Analytics) on our Services to allow us to collect data on how you use and interact with our Services (see Developing our Services in Section 3).If you have given us permission to use analytics before, youcan opt out from our use of your data in your settings.

    Data from third parties

      We may receive information about your visits and interactions from various third partiessuch as:

    • Analytics providers, such as Google Analytics,Mixpanel and Hotjar
    • Websites that include our ads, cookies (or similar technologies).
    • Social networks that you grant permission to the Service to access your data on one or more networks.

  3. How we use your personal data

    How we use your data will depend on a number of factors. These include;how the data was collected, who provided the data, which Service you use, how you use the Service, and any choices you have made about your data (either in the settings area of your account or where you have notified us).

    We will only collect and process your data where we have a lawful basis for doing so. Lawful bases include consent (where you have provided it to us), contract (where processing is necessary for the performance of a contract, such as the Terms of Use under which we provide the Services to you), and “legitimate interests”.

    Where we rely on your consent to process your data (such as fortailored ads ordirect marketing) you have the right to withdraw or decline your consent at any time. Where we rely on legitimate interests, you have the right to object to those legitimate interests. If you have any questions around what basis we are processing any of your data, please contact us at hello@reachora.com.

    We will use your personal data in the following circumstances:

    To provide the Services to you

      We use your data to provide the Services to you so that:

    • you can sign into the Services. We use cookies to verify your account (so you don’t have to keep logging in) and to determine when you’re logged in (so you can access the Services and navigate between various pages with ease);
    • others can find your profile, see the information that you have made public, and provide you with content;
    • you can share your views and content in the form of posts and comments;
    • the Services may be personalised for you (e.g. so that you see content that may be interest to you).We use cookies to enable us to provide each function of the Services, and to provide you with personalised content from publishers. We also use cookies to remember information about your browser and any settings or preferences.

    To keep in touch with you

    We may contact you via email, the Services(e.g. usingnotices), or by other means in order to send you messages about Service availability, security issues, or similar service issues. Please be aware that, whilst you cannot opt out of receiving service messages or legal notices from us, we will not provide you with direct marketing or information about relevant events (from us or any third parties) unless you have specifically given us your consent for such.

    Advertising

      We will show you (and measureand report onthe performance of) ads, directly or through our advertising partners.Where we do so, we use the following data to tailor the ads that you see to ones that what we think are more relevant to you:

    • data from various technologies on and off our Services (e.g.cookies, pixels, tags, and device identifiers)
    • information that you provide to us (such as that described in section 2);
    • data from your use of our Services (such as that described in section 2);
    • information from advertising partners and publishers; and
    • other information described in section 2 above.
    • We use automated technologiesfrom our advertising partners (such as the Facebookand TwitterPixels) on our website. This allows us to determine whether we’ve shown you an ad, whether you engagedwith it,and reporton the actions you take after viewing the ad (such as registering for an event). Thisenables us to record the efficiencyof advertisements for statistical and market researchpurposes. If you click on any of these ads, the fact that you have clicked on it (along with technical information, such as an IP addressidentifying you as having clicked on it, the URLs and domains visitedon our Services, and the deviceyouused) will be viewable to us. You should be aware that our advertising partners willalso collect and receive this information and may use this information to provide measurement services and target ads.You may, at any time, opt-out of receiving tailored ads or from our use of certain categories of data to show you these tailored ads. You can do this under the settings area of your account.

    Promoted content

    From time to time, publishers may want their content or events to be seen by specific users of the Services. For example, where they believe that their content is relevant for users in a certain location, with certain expertise, or in a certain practice area. In addition to showing you tailored ads using the data mentioned above, we may also show you specific content or event details on the Services (e.g. in your feed) that publishers have asked us to promote.

    Developing our Services

    We use your data, including any feedback that you provide to us, surveys that you voluntarily complete, and data about your engagement with certain content using the Services, to develop our Services in order to encourage better future engagement and to provide you with a betterexperience going forward.

    We use cookies to analyse how the Services are accessed, used or are performing. This information is then used to maintain, operate and enhance the Services with the aim of improving your overall experience. We use analytics tools like Google Analytics and Mixpanel to track page views and user behaviour within the Services.It’s important to know that your data is kept on these services (please see Section 4 for information on how your data is shared).

    We also use these cookies to create insights and provide aggregated information to publishers and advertising partners about how you use theServices, the content you interact with, and how you interact with our and their ads, websites and apps.

    Where you have opted in to receive marketing emails, we may also obtain information from our emails to you,such as whether an email has been delivered and if you have opened an email.

    Providing support

    We use your data (including content shared and comments posted) to investigate, respond to and resolve complaints from users or publishers and for Service issues.

    Providing insights to others

    We may use your data to produce and share insights, where these insights do not identify you. For example, we may use your data to generate demographic and content engagement statistics for publishers and advertisers based on your and other users’ views, follows, re-posts, general locations, areas of practice, other interests etc.

    Security reasons

    We use your data for security purposes, including for the prevention or investigation of fraud or other violations of our Terms of Use or Community Guidelines.We use cookies to keep your account, its data, and the Services secure. We also use cookies to detect security threats, activity in breach of the Terms of Use and Community Guidelines, and any other malicious activity.

  4. How we share your personal data

    Public Information

    Our service is public and the information that you include on your profile is visible to all other users of the Services as well as publishers. Additionally, when you post a comment or share any content using the Services (e.g. on your own page or on another’s page), this can be publicly viewed by all other users and publishers and may be copied or reshared elsewhere.You should think carefully about sharing information that you may not be comfortable making publicly available.

    Non-Public Communications (Direct Messages and Rooms)

    Some features of the Service allow you to communicate more privately and control who sees your content.

    Direct messagesallow you to have non-public conversations on the Services.Roomsallow you to host or participate in private discussion groups. We share the content of the direct messages with the people you’ve sent them to. Content added to Rooms will be shared with other members of the Room.We do not use these features to serve you ads.When you use these features to communicate, please remember that recipients have their own copywhich they may duplicate, store or share, even if you delete your copy from your account.

    Suppliers and Service Providers

      Depending on how you use the services, we share your personal data with:

    • email services providers (Mailchimp and Sparkpost),
    • access and authentication service providers (Auth0),
    • analytics service providers (Google, Hotjar and Mixpanel)
    • advertising networks (Facebook and Twitter) and
    • IT service providers(AWS, Segment).
    • as necessary to provide the Services, complete a transaction or fulfillyour request or otherwise on our behalf based on our instructions.Your personal data may be accessed, stored or processed by these services.

      We use data processors who are third parties toprovide elements of services for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from usand willretain it for the period we instruct..We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

    Third Party Event Sponsors

    When you register for a live third party event (such as conferences, webinars or live cases), we will share the information you provide, such as your name, institution name and email address with the third party sponsoring or hosting the event. They may use this data to contact you with information relevant to the event. If you do not wish for your personal information to be shared in this way then you can choose not to register for the live event.Should you choose not to register, these events are commonly made available as a recording following the event.

    With regulators or where required by law

      In some circumstances, we may be legally required to use or disclose information about you. Examples of when this might be necessary include, to:

    • comply with a regulator’s investigation, or to prevent or act in respect of suspected or actual illegal activities taking place via the Services;
    • enforce the Terms of Use or any other agreements we have with you or others;
    • investigate and defend ourselves against third-party claims or allegations; and
    • protect the security and integrity of the Services, including the protection of rights of other users, publishers and our employees.
    • Where we need to use your personal data for one of the reasons listed above, we will attempt to notify you of such, unless prohibited by law or court order or in case of emergency.

    If we are acquired by another company

    We will share your data with other companies as part of any sale process, merger, or change of control of our business. Any entity that purchases us or part of our business will have the right to continue to use your data only in the ways set out in this privacy notice, unless you agree otherwise.

  5. How we store your personal data

    Cross-border transfers of data

    We process and store data inside the European Union and the United Kingdom and we rely on legally provided mechanisms to lawfully transfer data across borders.Our AWS servers are located in Ireland.

    Data retention

    As a general rule, we retain your data as long as you keep an account open with us or as long as we require to provide you with the Services. This is subject to your exercise of rights (set out in section 6) and any data that might be retained after closure of your account, as detailed below.

    Account closure

    If your account with us is closed for any reason, your personal data will normally stop being visible to others on our Services within 24 hours. We will hold any data and content that you previously provided to us for a period of 90 days following closure of your account. This is to allow you sufficient opportunity to (a) request that your account be re-activated if you change your mind, and (b) request copies of your data before it is permanently deleted.

    We may retain your data beyond this 90 day period where it is reasonably necessary for us to do so in order to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve legal disputes, maintain security, prevent fraud and abuse (e.g. if we have barred you from using the Services for breach of our Terms of Use), or to fulfil your requests to “unsubscribe” from any direct marketing that you might have previously consented to. Additionally, we may retain certain information in an aggregated and anonymised/depersonalised format (e.g. the insight information referred to in section 3) after you close your account.

    You should note that, where you have shared information with others using the Services (e.g. comments, posts, etc.) this will remain visible after you close your account and we have no control over data that other users or publishers may have copied out of the Services.

    Security

    We intend to implement industry standard security safeguards designed to protect your data. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. However, we cannot guarantee the security of any information that you provide when using the Services. In the rare event of any reportable data breach, we will notify you as soon as possible and in accordance with regulatory requirements.

  6. Your data protection rights

    The Service allows registered users to directly access their account information and make correction or updates at any time, control links to their Twitter accountand email notifications,and, in the ‘settings’ area of your account, tocontrol who you see advertising from (i.e. tailored ads). Keeping such information up to date is solely the responsibility of the user.

    In addition to these controlsyou have rights underdata protection law, namelythe Data Protection Act 2018, GDPR (United Kingdom General Data Protection Regulation)(UK GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation implemented in connection with these. Where data is processed by a controller or processor established in the European Union or comprises the data of people of the European Union, it also includes the EU General Data Protection Regulation (EU GDPR).

    These rights include:

    • Your right of access – You have the right to ask us for copies of your personal information
    • Your right to rectification – In addition to the controls described above, you have the right to ask us to rectify personal data you think is inaccurate and the right to ask us to complete information you think is incomplete.
    • Your right to erasure – You have the right to ask us to delete your personal data in certain circumstances.
    • Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstance, e.g. if we have no legal right to keep using it, or if your data is inaccurate or unlawfully held.
    • Your right to data portability – You have the right to ask that we transfer all or specified personal data you gave us to another organisation, or to you, in certain circumstances, by means of a copy of the data provided in a machine-readable form (e.g. pdf, word, excel etc.).

    You are not required to pay any charge for exercising your rights. If you wish to exercise any of these rights, please contact us using the details in Section 7. We will respond to your request consistent with applicable laws. To protect your privacy and security, we may require you to verify your identity.

  7. How to contact us

    Wondr Medical is a company registered in England (company number 10413945) with it’s registered office at Finsgate 5-7, Cranwood Street, London, EC1 V9EE (collectively referred to as “Wondr Medical, “we”, “our” and “us” in this privacy notice).

    If you have any questions about this privacy notice, concerns how your personal data is used by us, or wish to make a request to exercise your legal rights, you can contact our Data Protection Office (DPO) using the details below.

    Name: Elisa Voros

    E-mail: dpo@reachora.com

    Postal Address: Finsgate 5-7, Cranwood Street, London. EC1 V9EE

    If you are not satisfied with our response, or if we cannot resolve your complaint you can also contact the Information Commissioner’s Office (“ICO”). Please note that nothing prevents you from taking a matter to the ICO before having spoken to us, nor does anything prevent you from taking a matter to the relevant data protection regulator in your home country.

    The ICO’s address:

    Information Commissioner’s Office Wycliffe House
    Water Lane
    Wilmslow
    Cheshire
    SK9 5AF
    Helpline number: 0303 123 1113 ICO website: https://www.ico.org.uk

Our EU Representative

If you are based in the EU or EEA, we have appointed a representative based in the EU for you to contact with any issues or queries you may have relating to our processing of your Personal Data. Our EU representative is Mike Morrissey who can be contacted directly by emailing him at EURep@reachora.com.