We collect your personal information from you to communicate and work with you. Collecting your personal data enables us to learn what different choices of communication work best.

When you use our website and services, you are agreeing for us to store and process your personal data. The ways we do that are explained in this notice.

“Personal identifiable information,” as used in this Privacy Notice is information that specifically identifies an individual, such as an individual’s name, address, telephone number, e-mail address, or other similar information that can be used to identify you. Personal identifiable information also includes information about an individual’s activity on our website, including profile information and other identifiable information entered by you. Personal identifiable information we collect is referred to in this Privacy Notice as “Personal Information.”

You have the right to be informed about the collection and use of your personal information.

When we collect personal information from you, we will provide you with privacy information at the time we collect your information.

We may collect, use, store and transfer different kinds of personal information about you which we have grouped together as follows:

Identity Information

Name, job role

Contact Information

Location, e-mail address and telephone number

Technical Information

When you use our website, we automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system. We may also use “cookies” and other tracking technologies to enhance your experience and gather information about our website visitors.

Third party organisations

This means other organisations that we collect data from, but only when you have given them permission to do this. You may give these organisations permission at various times, for example when buying a product or joining certain membership organisations. The data we receive depends on your agreement with that organisation.

We may process your personal information for our legitimate business needs. Rest assured; our intentions are always good. We collect your personal information because we need it to help us fulfil your requests, keep in touch with you, and offer you communications that are relevant to you.

This may include:

• Presenting our Services to you
• Providing you with information that you request from us
• Notifying you with changes in the Services we offer
• Allowing you to participate in any interactive features on the Services
• Personalising your Services
• Contacting you when necessary or requested
• Verifying and validating your identify
• Troubleshooting problems with the Services, as requested
• Enforcing Terms of Service, and to detect and protect against error, fraud, and other unauthorised or illegal activities
• Operating and improving the Services and
• Evaluating or conducting a merger, divestiture, restructuring, reorganisation, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us about our consumers is among the assets transferred.

Promotional offers from us

We may use your information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

If you do not wish to have your e-mail address/contact information used by us to promote our own or third parties’ products or services, you can opt-out by clicking the unsubscribe link in the promotional email. This opt-out does not apply to information provided to us as a result of a product purchase, service experience or other transactions.

Communications

You may voluntarily sign up for periodic communications from us or a third-party affiliate. We may send you promotional communications via email, including, but not limited to, newsletters, special offers, surveys and other news and information we think will be of interest to you. You may opt out of receiving these promotional emails at any time by following the unsubscribe instructions provided therein.

Training

To enable your enrolment and monitor your training progress towards achieving your otoscopy and microsuction certification using the Tympa system, we need to store your personal training record. This will allow us to track your progress and ensure that you are clinically safe to use the system to provide aural care services to your patients.

Referral for Audiology Service

As a data processor contracted by your ear and healthcare provider, we process your personal and medical data for the purpose of referring you to another organisation for audiology services.

The information shared includes only the data necessary for the referral, such as your contact details and relevant medical history. This data is transferred securely to the audiology provider to ensure you receive the appropriate care. We do not retain your data beyond the required period for this referral process and will take every precaution to protect your privacy throughout.

Third-Party Websites

Our website may contain links to other websites, including those of third parties or business partners. While we seek to link only to websites that share our high standards and respect for privacy, we cannot be responsible for the privacy practices other websites use. By accessing other third-party websites or applications through our Service, you are consenting to the terms and privacy policies of those websites. It is possible that other parties may collect information about your online activities over time and across different websites when you use our Service.

Cookies

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category in your cookie settings.

The cookies that are categorised as “Necessary” are stored on your browser as they are essential for enabling the basic functionalities of the site.

We also use third-party cookies that help us analyse how you use this website, store your preferences, and provide the content and advertisements that are relevant to you. These cookies will only be stored in your browser with your prior consent.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

Google Analytics

We may use Google Analytics to improve our website’s functions. You can choose not to be included in Google Analytics by visiting https://tools.google.com/dlpage/gaoptout.

Legitimate interests

Whenever we process data for these purposes, we will ensure that we always keep your personal information rights in high regard and take account of these rights. You have the right to object to this processing if you wish, and if you wish to do so, please see the section(s) below on updating your preferences or unsubscribing.

Please bear in mind that if you object this may affect our ability to carry out the tasks above for your benefit.

Legitimate interests mean in the interest of Tympa Health Technologies Ltd in the way we carry out our work to enable us to give you the best service/products and the best and most secure experience.

For example, we have an interest in making sure that any marketing we send to you is relevant, so we may process your information to send you marketing that is of interest to you.

When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you and your rights under data protection laws. We will always ensure that your personal data will not be used where our interests are overridden by the impact on you unless we have your consent or are required by law.

Use of Anonymous Health Data

We value your privacy and are committed to protecting your personal information. In addition to using your data for the purposes outlined in this notice, we may also use anonymised health data for research and development purposes. This anonymous data helps us improve and innovate our products and services.

We may disclose Personal Information in the following circumstances:

• With your consent
• To prevent harm to you or others
• With contractors, service providers, and other third parties we use to support our Services
• To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganisation, dissolution or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which information held by us is among the assets transferred
• To enforce any agreement, including any applicable Terms of Service
• To establish or exercise our right to defend against legal claims
• To law enforcement and other government authorities such as legislatures, courts, agencies, and litigants if we reasonably believe that such action is necessary to:
  • Comply with the law and the reasonable requests of governmental authorities
  • Comply with legal process
  • Respond to requests from public or government authorities, including public or government authorities outside your country of residence
  • Protect the security or integrity of the Services’ information systems; and/or
  • Exercise or protect our rights, privacy, safety or those of affiliates, clients, you, or others; and
  • If we reasonably believe disclosure is necessary or appropriate to protect the rights, property, or safety of Tympa Health Technologies Ltd or others
• We do not sell or share your Personal Information with anyone else for marketing purposes.

We ensure that there are appropriate technical controls in place to keep your personal information safe and prevent unauthorised access to it. For example, our online forms are always encrypted (this prevents other people from accessing them) and our network is protected and checked often.

Electronic data and databases are stored on a secure cloud database, and we control who has access to them. Our staff receive data protection and cyber security training, and we have data protection policies and procedures in place that we adhere to at all times.

We regularly review who has access to information that we hold to ensure it is only accessible by trained staff.

Where we use external companies to collect or process personal data on our behalf, we undertake comprehensive checks on these companies before we work with them and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal data they have collected or have access to.

However, no data protection procedures are entirely infallible. As a result, while we strive to protect your Personal Information, we cannot guarantee that it will be 100% secure Your transmission of your Personal Information to us is thus done entirely at your own risk.

How long personal information will be retained for depends on the type of information it is and what it is being used for.

Where we are processing your information for marketing purposes, we will continue to do so until such a time as you inform us that you wish to be removed from our marketing database.

If you ask us not to send you marketing emails, we will stop storing your emails for marketing purposes (although we will keep a record of your preference not to be emailed).

The time periods for which we keep information are stipulated in our data retention policy. We review our data retention periods for personal information on a regular basis.

We continually review the information that we hold and delete anything that is no longer required.

Under data protection law, individuals (data subjects) have a number of rights which are detailed below. Some of these only apply in specific circumstances and are qualified in several respects by exemptions in data protection legislation. We will advise you in our response to your request if we are relying on any such exemptions.

Right to be informed

You have the right to be informed about the collection and use of your personal data. This Privacy Notice is one of the company’s key methods for providing you with this information.

Right to access personal data

You have a right to request a copy of the personal data that we hold about you. You should include adequate data to identify yourself and such other relevant data that will reasonably assist us in fulfilling your request. Your request will normally be responded to within one calendar month. (If we process your personal data on behalf of a Data Controller, you will need to request your information from them)

Right to rectification (correction)

You can request us to rectify and correct any personal data that we are processing about you which is incorrect.

Right of erasure (right to be forgotten)

You do not have an automatic right to have your personal information deleted. You do, however, have the right to request the deletion or removal of your personal information where there is no compelling reason for its continued processing. We will review each request on a case-by-case basis.

Right to restrict processing

You have the right in certain circumstances to request that we suspend our processing of any or all your personal data. Where we suspend our processing of your personal data, we will still be permitted to store your personal data, but any other processing of this data will require your consent, subject to certain exemptions.

Right to data portability

This right allows you to obtain your personal data in an electronic format, where the lawful basis for processing your information is consent or for the performance of a contract and, or where the data was necessary for us to provide you with our services or employment. You can request that the data be given in a format which enables you to transfer that personal data to another organisation. You may have the right to have your personal data transferred by us directly to the other organisation if this is technically feasible.

Right to object to processing of personal data

You have the right to object to your personal information being processed for direct marketing purposes (including profiling) and scientific/historical research and statistics. From the very first communication from us and every marketing communication we send after, you will have the right to object to marketing.

We will stop processing your personal information for direct marketing purposes as soon as we receive an objection from you.

Right to complain to a supervisory authority

You can make a complaint or raise a concern about how we process your personal information by contacting our Data Protection Officer.

Tympa Health Technologies Ltd

Landmark

33 Cavendish Square

London W1G 0PW

Email: [email protected]

If you are not happy with how we have handled your complaint, or you believe that your data protection or privacy rights have been infringed, you have the right to complain to the Information Commissioner’s Officer (ICO), which oversees the protection of personal data in the UK.

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Phone: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number.

Email ICO

Report a concern on the ICO website