This privacy notice is effective as of 7th October 2021.
Facilitating the sharing and discussion of different ideas and approaches in medicine is the cornerstone of what we do. To that end, our online community offers medical professionals around the world the chance to interact and connect with one another. In providing this service, we are committed to maintaining your trust and confidence with respect to your privacy.
This privacy notice explains how we collect, use and share your personal data when you use our website and application.
- About our privacy notice
- Personal information we collect
- How we use your personal data
- How we share your personal data
- How we store your personal data
- Your data protection rights
- How to contact us
About our privacy notice
This privacy notice applies to our website and app, including programs and events, that refer or link to this privacy notice (the “Services”). For the purposes of any data you provide, or that is collected by us for or in connection the Services, Reachora Limited trading as Wondr Medical will be the controller of your data.
It is important that you read this privacy notice, andany other documents referred to in this privacy notice, together with any other privacy notice we may provide on specific occasions (such as when registering for a live event) so that you are fully aware of when and how we are collecting or processing your personal data, and why we are using your data.
Historic versions of our privacy notices can be obtained by contacting us at email@example.com.
Personal information we collect
We collect information about you in multiple ways; directly from you, from third-party sources, and through automated technologies.
Data collected from automated technologies We and service providers acting on our behalf, like Google Analytics and Facebook, store log files and use tracking technologies such as:
Cookies which are small text files that are stored by your browser when you visit a website. This identifies the browser used and can be recognised by our web server. We use information captured by those cookies when you use or access the Services, visit our website, or when you visit or access websites or apps provided by other companies that use or incorporate the Services.
Web beacons,which let us know if a certain page was visited or whether an email was opened
Tracking pixels, which allow us or our advertising partners to advertise more efficiently and effectively.
- IP address
- Device type
- Your operating system version
- Your browser type and version
- Referring and exiting pages and URLs
- The number of clicks on a page
- Pages viewed and the order of those pages
- The amount of time spent on particular pages
We and our services providers use these technologies to collect and analyse technical information including:
Your account settings: We provide tools in your account settings area that allow you to reject/turn off theuse of certain non-essential cookies (such as those used for analytics, or to show you tailored ads).
Browser settings: Your web browser or device may offer settings that allow you to choose whether cookies are permitted. It may also offer you the chance to review and erase cookies (including cookies you receive from your use of the Services). For more information about what cookie controls your browser or device offers, please visit the relevant section of your browser’s or device’s settings.
We respect Do Not Track signals.
Data you provide to us
The types of personal information that we collect directly from you depends on the content and features of the Services you use and how you otherwise interact with us and may include:
Data you provide when you register, such as your name, email address and password, medical specialty, hospital and years of practice;
Profile Informationwhich may include your medical speciality, hospital, years of practice, photo, a list of your publications, meetings you are attending, and a personal bio. Any information you include on your profile, you do so at your discretion. We recommend that you do not add any informationto your profile that you are not comfortable with being publicly available;
Public information that you provide to us as part of interacting with the Service, such as when you share content, follow topics and channels, search queries, make comments, or automatically link your account with Twitter(which will mean that Twitter posts get cc’d into our network feed);
Data from non-public communications (direct messaging and Rooms), such as who you have interacted with and when, and the content of those communications.
Information that you communicate to us, such as questions or information you send to customer support;
Any data that you provide must comply with the Community Guidelines.
Data others provide about you
In having an open system for communication, it is possible that others may also share content using the Services that includes data about you (e.g. through academic papers, posts, comments, or video content).
Data from your use of the Services
- Computer, device and connection information, such as IP address, browser type and version, operating system and other software installed on your device, unique device identifier and other technical identifiers, error reports and performance data.
- Usage data, such as logs of when you visit or use our Services, browsing actions and patterns, when you view or click on content or ads (on or off our website), when you share content, what sites you visit after you leave our Services, referring domains, and any other data that your device may send to us based on your phone settings (e.g. location data). To link you with this log of activity, we use your log-in information, cookies, device information, and IP address.
The Services may automatically collect information on how you and your device interact with the Service such as:
Data from third parties
- Analytics providers, such as Google Analytics, Mixpanel and Hotjar
- Websites that include our ads, cookies (or similar technologies).
- Social networks that you grant permission to the Service to access your data on one or more networks.
We may receive information about your visits and interactions from various third parties such as:
How we use your personal data
How we use your data will depend on a number of factors. These include; how the data was collected, who provided the data, which Service you use, how you use the Service, and any choices you have made about your data (either in the settings area of your account or where you have notified us).
Where we rely on your consent to process your data (such as for tailored ads or direct marketing) you have the right to withdraw or decline your consent at any time. Where we rely on legitimate interests, you have the right to object to those legitimate interests. If you have any questions around what basis we are processing any of your data, please contact us at firstname.lastname@example.org.
We will use your personal data in the following circumstances:
To provide the Services to you
- others can find your profile, see the information that you have made public, and provide you with content;
- you can share your views and content in the form of posts and comments;
We use your data to provide the Services to you so that:
To keep in touch with you
We may contact you via email, the Services(e.g. using notices), or by other means in order to send you messages about Service availability, security issues, or similar service issues. Please be aware that, whilst you cannot opt out of receiving service messages or legal notices from us, we will not provide you with direct marketing or information about relevant events (from us or any third parties) unless you have specifically given us your consent for such.
- data from various technologies on and off our Services (e.g.cookies, pixels, tags, and device identifiers)
- information that you provide to us (such as that described in section 2);
- data from your use of our Services (such as that described in section 2);
- information from advertising partners and publishers; and
- other information described in section 2 above.
We will show you (and measure and report on the performance of) ads, directly or through our advertising partners. Where we do so, we use the following data to tailor the ads that you see to ones that what we think are more relevant to you:
We use automated technologies from our advertising partners (such as the Facebook and Twitter Pixels) on our website. This allows us to determine whether we’ve shown you an ad, whether you engaged with it, and report on the actions you take after viewing the ad (such as registering for an event). This enables us to record the efficiency of advertisements for statistical and market research purposes. If you click on any of these ads, the fact that you have clicked on it (along with technical information, such as an IP address identifying you as having clicked on it, the URLs and domains visited on our Services, and the device you used) will be viewable to us. You should be aware that our advertising partners will also collect and receive this information and may use this information to provide measurement services and target ads. You may, at any time, opt-out of receiving tailored ads or from our use of certain categories of data to show you these tailored ads. You can do this under the settings area of your account.
From time to time, publishers may want their content or events to be seen by specific users of the Services. For example, where they believe that their content is relevant for users in a certain location, with certain expertise, or in a certain practice area. In addition to showing you tailored ads using the data mentioned above, we may also show you specific content or event details on the Services (e.g. in your feed) that publishers have asked us to promote.
Developing our Services
We use your data, including any feedback that you provide to us, surveys that you voluntarily complete, and data about your engagement with certain content using the Services, to develop our Services in order to encourage better future engagement and to provide you with a better experience going forward.
We also use these cookies to create insights and provide aggregated information to publishers and advertising partners about how you use the Services, the content you interact with, and how you interact with our and their ads, websites and apps.
Where you have opted in to receive marketing emails, we may also obtain information from our emails to you,such as whether an email has been delivered and if you have opened an email.
We use your data (including content shared and comments posted) to investigate, respond to and resolve complaints from users or publishers and for Service issues.
Providing insights to others
We may use your data to produce and share insights, where these insights do not identify you. For example, we may use your data to generate demographic and content engagement statistics for publishers and advertisers based on your and other users’ views, follows, re-posts, general locations, areas of practice, other interests etc.
How we share your personal data
Our service is public and the information that you include on your profile is visible to all other users of the Services as well as publishers. Additionally, when you post a comment or share any content using the Services (e.g. on your own page or on another’s page), this can be publicly viewed by all other users and publishers and may be copied or reshared elsewhere. You should think carefully about sharing information that you may not be comfortable making publicly available.
Non-Public Communications (Direct Messages and Rooms)
Some features of the Service allow you to communicate more privately and control who sees your content.
Direct messages allow you to have non-public conversations on the Services. Rooms allow you to host or participate in private discussion groups. We share the content of the direct messages with the people you’ve sent them to. Content added to Rooms will be shared with other members of the Room. We do not use these features to serve you ads. When you use these features to communicate, please remember that recipients have their own copy which they may duplicate, store or share, even if you delete your copy from your account.
Suppliers and Service Providers
- email services providers (Mailchimp and Sparkpost),
- access and authentication service providers (Auth0),
- analytics service providers (Google, Hotjar and Mixpanel)
- advertising networks (Facebook and Twitter) and
- IT service providers (AWS).
Depending on how you use the services, we share your personal data with:
as necessary to provide the Services, complete a transaction or fulfill your request or otherwise on our behalf based on our instructions. Your personal data may be accessed, stored or processed by these services.
We use data processors who are third parties to provide elements of services for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from usand will retain it for the period we instruct. We require all third parties to respect the security of your personal data and to treat it in accordance with the law.
Third Party Event Sponsors
When you register for a live third party event (such as conferences, webinars or live cases), we will share the information you provide, such as your name, institution name and email address with the third party sponsoring or hosting the event. They may use this data to contact you with information relevant to the event. If you do not wish for your personal information to be shared in this way then you can choose not to register for the live event.Should you choose not to register, these events are commonly made available as a recording following the event.
With regulators or where required by law
- comply with a regulator’s investigation, or to prevent or act in respect of suspected or actual illegal activities taking place via the Services;
- investigate and defend ourselves against third-party claims or allegations; and
- protect the security and integrity of the Services, including the protection of rights of other users, publishers and our employees.
In some circumstances, we may be legally required to use or disclose information about you. Examples of when this might be necessary include, to:
Where we need to use your personal data for one of the reasons listed above, we will attempt to notify you of such, unless prohibited by law or court order or in case of emergency.
If we are acquired by another company
We will share your data with other companies as part of any sale process, merger, or change of control of our business. Any entity that purchases us or part of our business will have the right to continue to use your data only in the ways set out in this privacy notice, unless you agree otherwise.
How we store your personal data
Cross-border transfers of data
We process and store data inside the European Union and the United Kingdom and we rely on legally provided mechanisms to lawfully transfer data across borders. Our AWS servers are located in Ireland.
As a general rule, we retain your data as long as you keep an account open with us or as long as we require to provide you with the Services. This is subject to your exercise of rights (set out in section 6) and any data that might be retained after closure of your account, as detailed below.
If your account with us is closed for any reason, your personal data will normally stop being visible to others on our Services within 24 hours. We will hold any data and content that you previously provided to us for a period of 90 days following closure of your account. This is to allow you sufficient opportunity to (a) request that your account be re-activated if you change your mind, and (b) request copies of your data before it is permanently deleted.
You should note that, where you have shared information with others using the Services (e.g. comments, posts, etc.) this will remain visible after you close your account and we have no control over data that other users or publishers may have copied out of the Services.
We intend to implement industry standard security safeguards designed to protect your data. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. However, we cannot guarantee the security of any information that you provide when using the Services. In the rare event of any reportable data breach, we will notify you as soon as possible and in accordance with regulatory requirements.
Your data protection rights
The Service allows registered users to directly access their account information and make correction or updates at any time, control links to their Twitter accountand email notifications,and, in the ‘settings’ area of your account, tocontrol who you see advertising from (i.e. tailored ads). Keeping such information up to date is solely the responsibility of the user.
In addition to these controlsyou have rights underdata protection law, namelythe Data Protection Act 2018, GDPR (United Kingdom General Data Protection Regulation)(UK GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation implemented in connection with these. Where data is processed by a controller or processor established in the European Union or comprises the data of people of the European Union, it also includes the EU General Data Protection Regulation (EU GDPR).
These rights include:
- Your right of access – You have the right to ask us for copies of your personal information
- Your right to rectification – In addition to the controls described above, you have the right to ask us to rectify personal data you think is inaccurate and the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to delete your personal data in certain circumstances.
- Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstance, e.g. if we have no legal right to keep using it, or if your data is inaccurate or unlawfully held.
- Your right to data portability – You have the right to ask that we transfer all or specified personal data you gave us to another organisation, or to you, in certain circumstances, by means of a copy of the data provided in a machine-readable form (e.g. pdf, word, excel etc.).
You are not required to pay any charge for exercising your rights. If you wish to exercise any of these rights, please contact us using the details in Section 7. We will respond to your request consistent with applicable laws. To protect your privacy and security, we may require you to verify your identity.
How to contact us
Wondr Medical is a company registered in England (company number 10413945) with it’s registered office at Finsgate 5-7, Cranwood Street, London, EC1 V9EE (collectively referred to as “Wondr Medical, “we”, “our” and “us” in this privacy notice).
If you have any questions about this privacy notice, concerns how your personal data is used by us, or wish to make a request to exercise your legal rights, you can contact our Data Protection Office (DPO) using the details below.
Name: Elisa Voros
Postal Address: Finsgate 5-7, Cranwood Street, London. EC1 V9EE
If you are not satisfied with our response, or if we cannot resolve your complaint you can also contact the Information Commissioner’s Office (“ICO”). Please note that nothing prevents you from taking a matter to the ICO before having spoken to us, nor does anything prevent you from taking a matter to the relevant data protection regulator in your home country.
The ICO’s address:
Information Commissioner’s Office Wycliffe House
Helpline number: 0303 123 1113 ICO website: https://www.ico.org.uk
Our EU Representative
If you are based in the EU or EEA, we have appointed a representative based in the EU for you to contact with any issues or queries you may have relating to our processing of your Personal Data. Our EU representative is Mike Morrissey who can be contacted directly by emailing him at EURep@wondrmedical.net.