Privacy Policy & Cookie Policy

At Hertility Health our mission is to build a reproductive revolution by putting an accessible and affordable health service in the hands of women everywhere. We are proud to be pioneering novel and extensive research so that people globally can benefit. We have the power to equip ourselves and others with knowledge and insights that previous generations have been deprived of. This is a privilege. By the combined insights from this research, we can build a powerful infrastructure of data-driven change.

We are passionate about privacy. We strive to comply with the UK Data Protection Act 2018; the Privacy and Electronic Communications Directive 2002/58/EC (as amended), together with any applicable implementing or supplementary national legislation including the Privacy and Electronic Communications (EC Directive) Regulations 2003 (as amended); the Investigatory Powers Act 2016 and the Investigatory Powers (Interception by Businesses etc. for Monitoring and Record-keeping Purposes) Regulations 2018; and to be market leaders when it comes to healthcare and privacy.

We are proud to be ISO/IEC 27001 certified. This is an international accreditation awarded to organisations that set high standards for handling information securely. When you use Hertility Services, you are trusting us with your personal data. We are committed to being transparent and keeping that trust, and we will take steps to protect your rights and data.

This policy explains how we may use your personal data. We want to help you understand how we work with your data, so that you can make informed choices and be in control of your information. We invite you to spend a few moments understanding this policy. Please make sure you check this policy and if you don’t agree with it, then you shouldn’t use our site or service. We may update this policy from time to time and, if we make any material changes, we will notify you when we do so. We will provide you with the opportunity to review such changes. By continuing to use our products and services after the changes have been made and we have notified you of them, the way we use your personal data will be subject to the terms of the updated policy.

This policy also explains how we use your personal data for our healthcare services and products, including, amongst others, any private service. It also governs the use of your data through any of our websites and or apps, including the Hertility Health website and app.

This policy covers:

• Who we are;
• What personal data we hold and how we get it;
• What we use your personal data for;
• Sharing your personal data;
• Handling, storage and destruction of your information;
• Retention;
• How we store and move your data;
• Your rights; and
• Cookies

If you have any further questions about how we process your information, please don't hesitate to get in touch by contacting our Data Protection Officer:

Address: Data Protection Officer, Hertility Health, 5th Floor, Great Portland Street London, England, W1W 5PF

Email: privacy@hertilityhealth.com

Who we are

Hertility Health Limited is a company registered in England and Wales (number 11814367). The registered office for our company is 167-169 Great Portland Street, 5th Floor, London, W1W 5PF

Your relationship is with Hertility Health Limited. When this policy talks about ‘Hertility Health’, ‘the Company’ or ‘us’ or ‘we’, it means Hertility Health Limited.

What personal data we hold and how we get it:

We use the following categories of personal data:

Personal details

When you register with us, you complete forms and provide us with basic information about yourself, such as your name, date of birth, physical address, and email address. If you provide us with your email address: we may use it to send information, unless you have told us not to do so.

On the app registration screen, you can give us permission to process health data to provide the Services.

To fulfil our contractual obligations to you in order to provide the Services to you: We may process your personal data to fulfil our contractual obligation to you such as account management and other administrative purposes. We may be obligated to process some of your personal data to comply with applicable laws and regulations

Health and medical information

When you register with us, either on our website or through our app, and when you take our Online Health Assessment questionnaire and use our services, you are sharing information about your health, symptoms, treatments, consultations and sessions, medications, and procedures. We get this information directly from you.

When you use our Services, we collect information about your health, including:

Your interactions with our Services, like using our Online Health Assessment with our inbuilt symptom checker or other digital services which may include but not be limited to details of:

• General health and lifestyle;
• Symptoms, treatments and medications;
• Information obtained from your Hertility Kit blood test results from the laboratory as well as the doctor’s comments on your Health Hub dashboard.
• Information supplied in respect of your menstrual cycle, lifestyle factors and symptoms.
• Consultations, like notes, recordings, and transcripts from teleconsultations.
• Consultations with our referral clinical service and scanning partners.
• Your willing disclosure or input of detail in any correspondence with our team.

These interactions may be shared with our clinical staff so that we can provide you with personalised and accurate healthcare, and so that we can provide a better experience.

When you use the Services, you can choose to input personal data about you, such as your weight; height; body mass index (BMI, a value derived from the mass and height of a person); body temperature; menstrual cycle dates; details of your pregnancy (if you select the pregnancy mode); other symptoms that are related to your menstrual cycle, menopause, pregnancy, general well-being and health; symptoms, which may include information relating to your sex life; or other information, like your physical and mental well-being.

Financial Information

If you make any payments on the website, your credit/debit card details are processed directly by a third party processor that will store all payment information and transaction details. We will only retain details of transactions on secure servers and we will not retain your credit or debit card information.

Technical information and analytics

When you use our website, we may automatically collect the following information where this is permitted by your device settings:

• technical information, including the address used to connect your mobile phone or other device to the Internet, your login information, system and operating system type and version, browser or app version, time zone setting, operating system and platform, and your location (based on IP address); and
• information about your visit, including products and services you viewed or used, website response times, interaction information (such as button presses) and any phone number used to call our customer service number.

We work with partners who provide us with analytics and advertising services (for our services only and not for third party advertising). This includes helping us understand how users interact with our services, providing our advertisements on the internet, and measuring performance of our services and our adverts. Cookies and similar technologies may be used to collect this information, such as your interactions with our services.

What we use your personal data for:

The purposes for which we use your personal data and the legal grounds on which we do so are as follows:

Providing you with a service

We need your personal information to enter into a contract with you and deliver services.

We use your financial details to charge you if you use our paid service or buy our products. Where necessary, we may need to share personal and financial details for the purposes of fraud prevention and detection.

We use your health and medical information to provide you with a healthcare service, including when it's in your vital interests. This includes giving you health advice, as well as diagnosis and treatments if you use our clinical services (our video and audio consultations, where you can talk with one of our medical professionals).

This information is based on:

• Providing you or planning for healthcare services in our 'legitimate interest' (outlined below).
• Performing tasks in the public's interest (for example, our research initiatives).
• Your consent (for example, when you use our private service and agree to share information with the clinic or clinician).

The health and medical information we use includes, but is not limited to:

• Information supplied in our Online Health Assessment.
• Information obtained from your Hertility Kit blood test results from the laboratory as well as the doctor’s comments on your Health Hub dashboard.
• Information supplied in respect of your menstrual cycle, lifestyle factors and symptoms.
• Consultations, like notes, recordings, and transcripts from teleconsultations.
• Consultations with our referral clinical service and scanning partners.
• Your willing disclosure or input of detail in any correspondence with our team.

We may use fully anonymised medical information to improve our healthcare products and services, and our artificial intelligence system, so that we can deliver better healthcare to you and other Hertility Health users. This medical information (deidentified in the way described above) may include your interactions with our artificial intelligence services, such as our symptom checker. This does not involve making any decisions about you – it is only about improving our products, services and software so that we can deliver a better experience to you and other Hertility Health users, and help achieve our aim of making healthcare affordable and accessible to everyone. Strict confidentiality and data security provisions apply at all times. With your consent, we share this information with partner health services for consultations and/or scanning. This is so we can give you the right care, including when it's in your vital interests. These services may include:

• Our in-house clinician, nutritionist, specialist or counsellor, if you use our teleconsultation service.
• Our referral clinical service partners.
• Referrals to scanning providers including pregnancy scanning services.

We use your location to recommend services near you, like clinics or scanning facilities, if the services are available in your region.

By obtaining a Hertility test and sending your sample to our partner laboratory, you are giving Hertility and its partner laboratory your informed consent to perform the tests you have requested and to share the necessary information for them to conduct confirmatory analysis of your sample and/ or your results. We also take it as apparent that you are consenting to being contacted by the phone number and/or email you provide on any form in relation to your blood test request.

When you purchase or use our products and services, we will collect and process data concerning health, including blood samples, test information or any further information we might receive from our partner accredited laboratories. When you activate a service or product, we will collect and process information relating to your personal health record as well as a suitability questionnaire to confirm that the service or product is appropriate to your needs. By obtaining a Hertility test and results we will ask you to give Hertility and its partner clinics your informed consent to review the results you have requested so that we can direct you to the best service that is most appropriate to your needs. You can withdraw your consent to this processing at any time by emailing us at privacy@hertilityhealth.com.

Please be assured that we don't collect or store DNA, blood or any additional 't been requested by you. Our labs are UKAS compliant and they dispose of your samples immediately and at least within 7 days, as per lab policy.

Depending on how you access our services, we get your location from your phone, internet browser, IP address or postal address.

We may share your personal data with companies we have hired to provide services on our behalf, including those who act as data processors on our behalf, acting strictly under contract in accordance with Article 28 GDPR. Those data processors are bound by strict confidentiality and data security provisions, and they can only use your data in the ways specified by us.

Improving our services

We may use fully anonymised health and medical information to improve our services, including our artificial intelligence systems. This helps us deliver better healthcare to you and other Hertility users.

We remove details that could identify you from this information, such as your name, address and contact details. These are called 'personal identifiers'.

The information we collect (with your personal identifiers removed) includes information from your:

• Information supplied in our Online Health Assessment.
• Information obtained from your Hertility Kit blood test results from the laboratory as well as the doctor’s comments on your Health Hub dashboard.
• Information supplied in respect of your menstrual cycle, lifestyle factors and symptoms.
• Consultations, like notes, recordings, and transcripts from teleconsultations.
• Consultations with our referral clinical service and scanning partners.
• Your willing disclosure or input of detail in any correspondence with our team.

This doesn't involve making any decisions that would have a big effect on you. We only use this information to deliver a better experience to you and for other Hertility users. This explicit consent relates to when we use your personal data.

Helping health research

We may use fully anonymised data for health research. For example, to better understand health behaviour, disease risk or health outcomes.

Shockingly, there is no long-term dataset on female gynaecological pathologies. This needs to change so that real insight and research can be done to help women globally. We believe that the lack of current and concise data is what’s holding us back and we’ve been held back for long enough. By completing our Online Health Assessment questionnaire you're sharing vitally important data with us that we'll use anonymously and in aggregate to help solve this problem.

We may publish our research results (with fully anonymised data) in peer-reviewed journals or by working with academics.

We may conduct research with partner organisations such as universities or other academic institutions.

The type of information we collect includes your:

• Information supplied in our Online Health Assessment.
• Information obtained from your Hertility Kit blood test results from the laboratory as well as the doctor’s comments on your Health Hub dashboard.
• Information supplied in respect of your menstrual cycle, lifestyle factors and symptoms.
• Consultations, like notes, recordings, and transcripts from teleconsultations.
• Consultations with our referral clinical service and scanning partners.
• Your willing disclosure or input of detail in any correspondence with our team.

We remove any details that could identify you from this information. This includes your name, address and contact information.

Our research follows the Declaration of Helsinki ethical principles, which were developed by the World Medical Association.

As part of our research, we may use your contact details to invite you to take part in clinical trials.

Using your data when it's in our 'legitimate interest'

We sometimes analyse your data and how you use our products to help us manage our business better.

Based on our legitimate interest in managing and planning our business, we may analyse data about your use of our products and services to, for example, troubleshoot bugs within the website, forecast demand of service and to understand other trends in use, including which features users use the most and find most helpful, and what features users require from us. This does not involve making any decisions about you - it is only about improving our website so that we can deliver better services to you. Strict confidentiality and data security provisions will apply at all times.

This doesn't involve making any decisions that would have a big effect on you. If this information is used alongside your personal data, we will make sure that our interests never come before your rights.

Keeping you up to date

We may contact you when marketing our service. This includes sending you product updates, surveys and marketing information. You can opt in or out at any time. You can also choose if you want to get app notifications in your device settings.

As part of providing you with a healthcare service or public service, we may send you health information by text message, email or in other ways. For example, we may send you public health messages or invite you to book an appointment for a screening programme, such as cervical cancer screenings based on our legitimate interest in marketing our services to you and subject to your right to opt out at any time.

Regulating the quality and safety of our service

We use your health and medical information for legal, safety, training, regulatory, and compliance purposes.

This means that:

• We may also store your medical information, such as your interactions with our digital services, for safety, regulatory, and compliance purposes. For example, we may need to review your information and, where necessary, make disclosures in compliance with reasonable requests by regulatory bodies including the MHRA and Care Quality Commission, or as otherwise required by law or regulation.
• Where necessary for safety, regulatory and/or compliance purposes, we may audit consultations and your other interactions with our services. Strict confidentiality and data security provisions will apply at all times to any such audit and access.
• We may preserve or disclose information about you to comply with a law, regulation, legal process, or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our terms, or threats to the security of our services or the physical safety of any person.
• To detect and prevent fraud, we may need to share your personal and financial information with banks, financial institutions and fraud prevention services.

Except as described above, we will never share your personal information with any other party without your consent.

How we use your data to help you

We need to keep a record of the care you receive to ensure that:

• Professionals involved in your care have accurate and up-to-date information;
• We have all the information necessary for assessing your needs and providing excellent care;
• Your concerns can be properly investigated if you raise a complaint.
• Accurate information about you is available if you:

(a) Move to another area

(b) Need to use another service

(c) See a different healthcare provider

Below, we describe the purposes for which we process your personal data and our lawful bases for doing so, including some basic examples:

Principles of processing

Data minimisation and purpose limitation: We will not process personal data in a way that is incompatible with the purposes for which it has been collected or authorised by you or collect any personal data that is not needed for the mentioned purposes.

No sale of personal data

We will not sell or rent your personal data for monetary gain. We will not disclose your personal data except as otherwise described in this Privacy Policy. We will share your personal data with our service providers who support our services as described in this Privacy Policy.

Information obtained from third party services

You may choose to connect your existing accounts with other providers (such as a social media provider) to your account with us. This may, for example, make it easier to create an account with us. If you choose to do this, we will receive limited information about you from that provider, such as your email address, name, and other sign-up related details.

Collection and Usage of Information

Where you purchase our Hertility test, we will need to collect the following information from you:

• your personal details, including your name and date of birth;
• contact information, including your telephone number, email address and delivery address;
• any answers to the Online Health Assessment;
• any queries that you raise with us, for instance, you may submit a question by email to us about the test; and
• all other information that you choose to provide us.

Our third party payment provider will need to collect your payment details in order to process your order for us. In order to carry out the testing, we will also need to collect your blood sample ("Sample"). We will receive and store your test results, all related correspondence, materials and information from our third-party testing laboratory.

We will only use the data that we collect about you for the following purposes and in accordance with your preferences:

• to deliver the test kit to you, so that your Sample can be collected;
• to perform the test, our third-party laboratory will perform the test on the Sample which you have provided to us;
• to analyse your test result, we will review the results received from our third-party laboratory so that we can provide you with a report;
• to improve our product and carry out research into reproductive health and fertility;
• to contact you about your test, we will contact you once your results are ready to view on your personal dashboard, or if there is a problem with your test, or if we have further information about your order or test results;
• to respond to your queries that you submit through our website or via any other communication medium such as email or letter regarding your test;
• to contact you about new test services or similar services;
• to help us to improve our website and/or application, including its content, layout and navigation;
• to verify your user credentials when you attempt to login to the website;
• to analyse user traffic and other metrics relating to the use of our website.

We will not use your Sample related information for any other purpose without your explicit consent.

Sharing your personal data with others

• We may share your personal data with members of our corporate group and our partners. This is to help us deliver our services to you.
• We may share your personal data with companies we have hired to provide services on our behalf, including those who act as data processors on our behalf, acting strictly under contract in accordance with Article 28 GDPR. Those data processors are bound by strict confidentiality and data security provisions, and they can only use your data in the ways specified by us.
• We may share with our commercial partners aggregated data that does not personally identify you, but which shows general trends, for example, the number of users of our service.
• We may preserve or disclose information about you to comply with a law, regulation, legal process, or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our terms, or threats to the security of our services or the physical safety of any person.
• Except as described above, we will never share your personal information with any other party without your consent.

Handling, storage and destruction of your information

We impose appropriate obligations to protect the security and privacy of your information where we use third-party providers. The tests carried out on your Sample are only those that you have agreed to being run. Your Sample will be sent to our third party testing laboratory so that they can perform the test. Once the test has been performed, the Sample will be destroyed.

Retention periods

We retain your health details in accordance with national best practice guidance - in particular, advice provided by the Department of Health (2006) Records management: NHS code of practice, and summary guidance issued by the British Medical Association.

We follow advice from these bodies on how long to keep the information found in your medical records. This is called a 'retention period'.

We might also keep some information that doesn't identify you to help improve our business and our services.

In some circumstances, we might keep data longer if the law says we have to.If you want to see any of this information while we have it (in its 'retention period'), you can ask for it by emailing us at: privacy@hertilityhealth.com.

How we store and move your data

Personal details, health and medical information

Your data, including your personal health and medical information, is stored on secure servers on encrypted databases hosted by AWS within the UK and EU. This includes information like:

• Your contact details
• Your information supplied in our Online Health Assessment.
• Your information obtained from your Hertility Kit blood test results from the laboratory as well as the doctor’s comments on your Health Hub dashboard.
• Consultations, like notes, recordings, and transcripts from teleconsultations.
• Consultations with our referral clinical service and scanning partners.
• Your willing disclosure or input of detail in any correspondence with our team.

If you've chosen a password or authentication method to access the website/ app, you're responsible for keeping this password and/or authentication method confidential. Please don't share it with anyone.

We encrypt data transmitted to and from the website. Once we have your information, we use strict procedures and security features to try to prevent unauthorised access. We will take all steps reasonably necessary to make sure that your data is treated securely.

In certain cases, we transfer and store certain information outside the EEA, such as to the United States. In such cases, we use a legal mechanism known as “standard contractual clauses” to protect information transferred outside the EEA. Standard contractual clauses refer to contracts between companies transferring personal information that contain standard commitments, approved by the European Commission, protecting the privacy and security of the information transferred.

Your rights

As indicated above, whenever we rely on your consent to process your personal data, you have the right to withdraw your consent at any time by contacting us. You also have specific rights under the GDPR and DPA to:

• Wherever we process data based on your consent, withdraw that consent at any time.
• Understand and request a copy of information we hold about you. For other information, you can make a request by email;
• Ask us to rectify or erase information we hold about you, subject to limitations relating to our obligation to store medical records for prescribed periods of time;
• Ask us to restrict our processing of your personal data or object to our processing; and
• Ask for your data to be provided on a portable basis.

You may also contact the Information Commissioner's Office (the data protection regulator in the UK): Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, telephone: 0303 123 1113 (local rate).

Cookies

This Cookie Policy governs the use of cookies through any of Hertility’s (‘Hertility’) websites and Apps (“Hertility Platform”).

What is a cookie?

Cookies are small text files, like a tag, that are stored on your computer, phone or tablet when you visit a website. They are created when you use your browser to visit a website that uses cookies to keep track of your movements within the site, help you resume where you left off, remember your registered login, theme selection, preferences, and other customisation functions.

Cookies are widely used by website owners in order to make their websites work more efficiently, as well as to provide reporting information.

Cookies set by Hertility are called "first party cookies". Cookies set by parties other than Hertility are called "third party cookies". Third party cookies enable third party features or functionality to be provided (e.g. like advertising, interactive content and analytics). The parties that set these third party cookies can identify your computer when it visits the website in question, as well as when it visits certain other websites.

How do cookies effect my privacy?

You can visit the Hertility Platform without revealing your personal details. We may ask you for personal information so you can use our services. Full details of how we collect information, how we use it, how we keep it and how we disclose it can be found in our Privacy Policy.

We have a legitimate interest in using any personal information collected through our cookies, so that we can constantly improve the Hertility Platform and our services.

Why do we use cookies?

We use cookies for several reasons. Some cookies are required for the technical support of the Hertility Platform operation, and we refer to these as "essential" or "strictly necessary" cookies. Other cookies also enable us to track and target the behaviours and interests of our users to enhance their experience on the Hertility Platform.

The specific types of first and third party cookies served through the Hertility Platform and the purposes they perform are described in below:

What about other tracking technologies, like web beacons?

Cookies are not the only way to identify or track visitors on a website. We may use other, similar technologies from time to time, like web beacons (sometimes called "tracking pixels" or "clear gifs"). These are tiny graphics files that contain a unique identifier that enable us to recognize when someone has visited the Hertility Platform or opened an email that we have sent them. This allows us, for example, to monitor the traffic patterns of users from one page within the Hertility Platform to another, to deliver or communicate with cookies, to understand whether you have come to the Hertility Platform from an online advertisement displayed on a third-party website, to improve site performance, and to measure the success of email marketing campaigns. In many instances, these technologies are reliant on cookies to function properly, and so declining cookies will impair their functioning.

How to manage cookies?

You can accept or refuse cookies. Accepting cookies is usually the best way to make sure you get the best from the Hertility Platform. If you use a different device, computer profile or browser you will have to tell us your preferences again.

Most computers and some mobile web browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can also learn more about cookies by visiting www.aboutcookies.org which includes additional useful information on cookies and how to block cookies using different types of browser. Please note however, that by blocking or deleting cookies you may not be able to take full advantage of the Website.

Contact us

For any questions or concerns, you can contact us by sending an email to privacy@Hertilityhealth.com.