PRIVACY IS AT OUR CORE
We value the trust you place in SiSU Wellness to measure, track and improve your health and wellbeing. We allow you to decide what information you share with us and we have strict controls to ensure your privacy is not compromised.
HOW WE SAFEGUARD YOUR PRIVACY
THE CHOICE IS IN YOUR HANDS
We give you the power to decide what information is used and how it is shared. We respect that your personal data is private and not to be abused. All information is given voluntarily by the user and we will make all your data choices clear and open. We provide you with choices to help support your health needs.
Our SiSU Health Stations, online Health Risk Assessment and online SiSU Portal are all designed to support you in understanding and improving your health. We need to collect some health information and demographics to achieve this.
We treat this data with utmost importance, developing our service with privacy by design, and storing personal information separately from health data. We provide you with full data rights under the EU’s GDPR legislation.
Whilst we have agreements in place with third parties you may choose to share your data with, you should review their data privacy policies for how they manage data you voluntarily share.
Our analytics platform does not include personally identifiable information and is separate from our central database.
3RD PARTY VISIBILITY
We do not sell, lease or rent your personally identifiable data to any third parties without your explicit consent. This includes your employer and insurers.
However we do share aggregate, de-identified information with third parties for them to gain health insights on large groups of users. This includes our research partners, with whom we hope to develop predictive models to understand likelihood of future disease and help prevent this for our users.
WE LOCK DOWN YOUR DATA
Your health data deserves the highest level of security. Accordingly we have achieved Information Security certification (ISO 27001), Quality Standards certification (ISO 9001), and are finalising medical device certification (ISO 13485).
We use hardware, software and physical security measures to protect our SiSU Health Stations, SiSU Portal, and our database where information is stored. We use individual-record level encryption on our data when stored. Data is encrypted in transit using compliant Transport Layer Security (TLS). SHA-256 SSL Certificates are used. Our system is only accessible over secure connections (HTTPS/TLS 1.1 or later).
If you have any questions about the ways in which we use or disclose your aggregate or personally identifiable information with your consent, please email us at firstname.lastname@example.org.