Privacy Policy – Version 1.3 Last updated date: 14 Nov 2021
1.1 Policy Statement CYBERLIVER Ltd (“We”) are committed to protecting your personal data and respecting your privacy. This Privacy Policy will inform you as to how we look after your personal data when you use AlcoChange DTx (iOS & Android) (the App) which is owned, controlled and operated by Cyberliver. Where a user signs up for AlcoChange, Cyberliver will be the data controller for the purposes of personal data collected through the use of the App. You can view the Terms and Conditions for AlcoChange DTx here https://alcochange.cyberliver.com/dtx-terms-and-conditions 1.2 Important Information and Who We Are This Privacy Policy aims to give you information on how Cyberliver collects and processes your personal data through the use of the App or when you otherwise interact with us. It also describes your legal rights regarding use, access and correction of your personal data. If you do not agree with the data practices described in this Privacy Policy, you should not use the App. Where you use the App, you will be taken to have agreed with the terms of this Privacy Policy. Controller and contact details Cyberliver Limited (company number: 8052630) is the data controller and responsible for your personal data (collectively referred to as Cyberliver , we , us or our in this Privacy Policy. We have appointed a data protection office ( DPO ) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy or our treatment of the information you provide us, please contact the DPO by writing to us by email at [email protected] or by mail to Cyberliver, First Floor, Burnells, 5 Garland Road, Stanmore, Middlesex, HA71NR, UK, Attn: Privacy Changes to the Privacy Policy We keep this Privacy Policy under regular review. We will post any changes to this Privacy Policy on this page and, if the changes are significant, we will provide a more prominent notice by sending you a notification in the App and you may be required to read and accept the changes to continue your use of the App. While we will notify you of any material changes to this Privacy Policy, we encourage you to review this Privacy Policy periodically. Historic versions can be obtained by contact us. It is important that the personal data that we hold about you is accurate and current. Please keep us informed if your personal details change during our relationship with you. Information About Children The App is not intended for or targeted at children under 16, and we do not knowingly or intentionally collect information about children under 16. If you believe that we have collected information about a child under 16, please contact us at [email protected] , so that we may delete the information. Third Party Links The App may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave the App, we encourage you to read the privacy policy of every website you visit. 1.3 Information We Collect about you and how we collect it When you sign up to the App A user can only Signup for the App using prescription code issued by a clinician. When you visit the App store or Play Store and signup for using the App, we will request that you provide personal data about yourself (including first name, last name, date of birth, email address, weight, height and gender) and you will also be asked to create a unique password.
When You Use the App When using the App, you will be asked to supply personal data. We will use this information to help identify your drink-free days, your alcohol consumption and resulting calorie intake and costs incurred or not (as the case may be) (based on average figures per unit consumed/saved).
Personal Data This refers to any information that you voluntarily submit to us when you signup and Use the App and that identifies you personally, including contact information, such as your first and last name, e-mail address, date of birth, gender, location (including postcode and country) height, weight, weekly drinking average, and other information about yourself.
Personal Data This refers to any information that you voluntarily submit to us when you signup and Use the App and that identifies you personally, including contact information, such as your first and last name, e-mail address, date of birth, gender, location (including postcode and country) height, weight, weekly drinking average, and other information about yourself.
Personal data also includes your drinking data, sleep activity, physical activity, food, drink location and time stamp of the activities in the App. Your payment information is stored in Google Play account, PayPal and iTunes account which are data processors for the purposes of that personal data. We don’t store any of your payment information in our databases and all the payments are carried out through secure 3rd party payment portal and are covered under their terms and privacy policies. Log Files and Analytics Services We may also collect information that your browser or App sends whenever you visit the App ( Log Data ). This Log Data may include information such as your computer’s Internet Protocol ( IP ) address, browser type, browser version, the pages of our Website or App that you visit, the time and date of your visit, the time spent on those pages, mobile UDID, geo-localisation data, and other statistics. We collect this personal data by using cookies and other similar technologies. Please see our cookie policy for further details. In addition, we use third party services such as Google Analytics to collect, monitor and analyse this information in order to increase our App functionality and make your experience of the App more interesting for you. We may link information we store within the analytics software to personal data you submit within the App. We do this to improve services we offer you and improve our marketing, analytics and site functionality. Information we collect from third parties We may collect personal data about you from our programme partner, University of Southampton (UOS) where you have authorised them (or their authorised representatives) to disclose that information to us for the purposes of registering an account with the App. In addition, when you use the App we may also collect your city location, device model and version, device identifier (or UDID ), OS version, and your CyberLiver account credentials. We don’t collect any personal data about you from publicly available sources such as social media websites. Location Data. We also use GPS technology to determine your current location. Some of our location-enabled services within the App require your personal data for the feature to work. If you wish to use the particular feature, you will be asked to consent to your personal data being used for this purpose. You can withdraw your consent at any time by disabling Location Data in your settings. 1.4 How We Use your Personal Data Legal basis for processing Personal Data Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it. However, we will normally collect personal data from you only where we have your consent to do so, where we need the personal data to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal data from you. When you install the App and register as a user and subsequently use the App and its features, you consent to us processing the personal data that you have provided to us in accordance with this Privacy Policy. If we ask you to provide personal data to comply with a legal requirement, we will make this clear at the relevant time and advise you whether the provision of your personal data is mandatory or not (as well as of the possible consequences if you do not provide your personal data). We will rely on your consent to process any Special Categories of Personal Data that you voluntarily disclose to us. You do not have to disclose any Special Categories of Personal Data in order to use the App. By voluntarily providing Special Categories of Personal Data to us, we will proceed on the basis that you have given you consent to the processing of the Special Categories of Data disclosed to us. If we collect and/or use your personal data in reliance on our legitimate interests (or those of any third party), this interest will normally be to operate our business and communicate with you as necessary to provide our services to you or for our legitimate commercial interest including, but not limited to to deliver content to you; improving your user experience by personalising the App; responding to your user support requests and any queries that you raise with us or with any of our business partners; registering you as a user; managing our relationship with you including notifying you via push notifications about changes to the App, to the terms in relation to the App or to this Privacy Policy; improving our platform, products and services; supporting our business operations and the App; unless you tell us otherwise, undertaking marketing of any or all of the services that we provide (either directly or through our authorised third parties) and which we consider may be of interest to you and which we will notify to you via push notifications in the App; to monitor trends so that we can improve the App; for the purposes of detecting or preventing illegal activities or otherwise where we need to comply with a legal obligation; or where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. We send push notifications from time to time in the App as motivational messages, to update you about your progress, events or promotions. If you no longer wish to receive such communications, you may turn them off at the device level. We will get your consent before sending direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data User Testimonials and Comments We post user testimonials and comments on our App pages, Play Store, App Store, Social medial promotions, websites, and portal which may contain personal data. We obtain each user’s consent via email prior to posting the user’s name and testimonial. Security of your Personal Data We use a variety of security technologies and procedures to help protect your personal data from unauthorised access, use or disclosure. We secure the personal data you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. All personal data is protected using appropriate physical, technical and organizational measures. Social Media Features The App includes Social Media Features, such as the Facebook/ Google Login, Facebook Like button and Widgets, such as the Share This button or interactive mini-programs that run in the App. These features may collect your IP address, which page you are visiting on our sites, and may set a cookie to enable the feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on the App. This Privacy Policy does not apply to these features. Your interactions with these features are governed by the privacy policy and other policies of the companies providing them. External Websites The App may provide links to other websites. We do not control, and are not responsible for, the content or practices of these other websites. Our provision of such links does not constitute our endorsement of these other websites, their content, their owners, or their practices. This Privacy Policy does not apply to these other websites, which are subject to any privacy and other policies they may have. Public Forums We offer publicly accessible message boards, blogs, and community forums. Please keep in mind that if you directly disclose any information through our public message boards, blogs, or forums, this information may be collected and used by others. We will correct or delete any information you have posted on the App if you so request, as described in “Opting Out and Unsubscribing” below. 1.5 Disclosures of your Personal Data We Never Sell Personal Data We will never sell your personal data to a third party. University of Southampton UOS is our programme partner in relation to the App and you agree that we may disclose to UOS (or their authorised representatives) the following personal data about you: Sign up data i.e. name, gender, date of birth, email address, telephone number; Your alcohol consumption, dry days, mood, sleep, activity levels and food consumption etc. as recorded by you in the App. This information is disclosed to UOS to enable them to assess the take up and the use of the App and consider user statistics, feedback and impact and to enable them to follow up with those users who have signed up for the App. Service Providers We may disclose your personal data to service providers who provide data processing services to us or whose services are integral for the delivery of our services to you (for example, in relation to the provision of services to you pursuant to a contract that you have entered into with us or to support the delivery of, provide functionality on, or help to enhance the security of the App), or who otherwise process personal data for purposes that are described in this Privacy Policy or notified to you when we collect your personal data. Advisers We may disclose your personal data to professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in the EEA who provide consultancy, banking, legal, insurance and accounting services. HMRC We may disclose your personal data to HM Revenue & Customs, regulators and other authorities acting as processors or joint controllers based in the United Kingdom who may require reporting of processing activities in certain circumstances. CyberLiver Partners & Research We may use your personal data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. We will only send you marketing information by email whilst you are opted in to our marketing database. We may share data with trusted partners to contact you based on your request to receive such communications, help us perform statistical analysis, or provide user support. We work with experts with in our organisation and trusted partners who might use the personal data collected from you to do analysis, research, and release the results in public domain and we ensure that whenever the research results are published the user identity is anonymised and are not shared with any third party. We might use the collected personal data for research purposes based on the consent received during the sign-up process. We may contact you to get consent if you’re willing to be a part of future research and sign a separate privacy and research agreement at that time. Corporate Events We may share your personal data with third parties to whom we may choose to sell, transfer or merge parts of our business or assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your data in the same way as set out in this Privacy Policy. Compelled Disclosure We reserve the right to use or disclose your personal data if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process. All third parties to which we disclose your personal data are prohibited from using your personal data except for the purposes for which that data has been disclosed to them and they are required to maintain the confidentiality of your information. 1.6 Retention of your Personal Data We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. In some circumstances you can ask us to delete your data: see your legal rights below for further information. In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you. 1.7 International Transfers International Transfers to third parties Certain of our third party suppliers are based outside of the European Economic Area ( EEA ) and, therefore, their processing of your personal data will involve a transfer of data outside of the EEA. When we transfer your personal data out of the EEA, we make use of the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks, European Commission-approved standard contractual data protection clauses, binding corporate rules for transfers to data processors, or other appropriate legal mechanisms to safeguard the transfer. 1.8 Cookies and Similar Technologies Cookies If you access your account in the App via our website (portal.cyberliver.com) then we will use tracking technology which will retain your login session for 1 hour. Otherwise, we do not use cookies or similar technologies when you use the App. Advertising We don’t partner with any third party to advertise in the App based on your personal preferences and data. We don’t share or sell any personal data to any third party with respect to advertising or marketing. Third Party Tracking Technologies We use third parties such as Google analytics to track the user behaviour on the App. Those third parties may also use cookies, over which we have no control. 1.9 Data Security Cookies We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. 1.10 Data Retention How long will you use my personal data for? We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. In some circumstances you can ask us to delete your data: see your legal rights below for further information. In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, or where it is not possible to delete your personal data, in which case we may use this information indefinitely without further notice to you. We retain information derived from cookies and other tracking technologies in accordance with our cookies policy. 1.11 Your Legal Rights Reviewing, Correcting and Removing Your Personal Data You have the following data protection rights: You can request access, correction, updates or deletion of the personal data that we hold about you. You can ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below). Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. You can object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for director marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information and which override your rights and freedoms. You can ask us to restrict processing of your personal data in the following circumstances: If you want us to establish the data’s accuracy. Where our use of the data is unlawful but you do not want us to erase it. Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims. You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. You can request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. If we have collected and process your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent. You have the right to make a complaint at any time to the Information Commissioner’s Office ( ICO ), the UK supervisory authority for data protection issues or other competent supervisory authority of an EU member state if the App is downloaded outside the UK. To exercise any of these rights, please contact us at [email protected] . We will respond to your request to change, correct, or delete your information within a reasonable timeframe and notify you of the action we have taken. To Unsubscribe From Our Communications You may unsubscribe from our communications by clicking on the “unsubscribe” link located on the bottom of our e-mails, updating your communication preferences, or by sending us email us at [email protected] . Users cannot opt out of receiving transactional emails related to their account with us or the Premium Service. Visit us @ www.cyberliver.com Write to us @ CyberLiver Limited, First Floor, Burnells, 5 Garland Road, Stanmore, Middlesex, HA71NR, UK, Email us @ [email protected] 1.12 Contact Us If you have any questions about how we use your personal data, or want to exercise your rights over your information, you can email us on [email protected] 1.13 Policy Information This policy was last updated on the 20th of April 2021. We may update it at any time.