We are siHealth Ltd.
We are a digital healthcare company based in Harwell Campus, Oxfordshire, United Kingdom (www.sihealth.co.uk). Our address is Building R104, Rutherford Appleton Laboratory, Harwell Campus, Didcot, Oxfordshire, United Kingdom and our company registration number is 9176652. We are registered with the UK Information Commissioner’s Office (ICO) with number ZA834797.
siHealth is a company of the Flyby Group (the ”group”), a corporate group controlled by Flyby S.r.l. (www.flyby.it – Livorno, Italy). The group operates worldwide, providing digital systems and services for supporting human decision-making in different sectors, such as Space, Energy, Security and Health & Wellness.
siHealth has a direct subsidiary inside the group, siHealth Photonics S.r.l. (www.sihealthphotonics.it – Livorno, Italy). siHealth Photonics develops digital innovations for healthcare, with particular focus on the smart management of medical conditions through Image Processing and Artificial Intelligence techniques.
We know that you care how information about you (“Your Data”) is used and shared, and we appreciate your trust in us to do that carefully, securely and sensibly. We respect your privacy and are committed to protecting your data, being committed to safeguarding and preserving the privacy of our visitors.
siHealth is the Data Controller and responsible for all personal data it receives and holds. If you have any questions about this Policy, including any requests to exercise your legal rights, please contact us using the details set out below.
Full name of our legal entity:
Building R104, Rutherford Appleton Laboratory, Harwell Campus, Didcot, Oxfordshire, OX11 0QX, United Kingdom
Company Registration Number:
GB 303 8383 15
According to Art. 37 of the General Data Protection Regulation (GDPR), siHealth Ltd (the Data Controller) has a Data Protection Officer (DPO) which is appointed for the entire Flyby Group. Considering that the protection of personal data is of the outmost importance for siHealth, for any questions or to exercise any data subject’s right the following DPO’s e-mail address is available: firstname.lastname@example.org
Personal data or personal information means any information about an individual from which that person can be identified. It does not include data where a person’s identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of data about you which we have categorised as follows:
Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect and use Aggregated Data (as defined in this paragraph) such as statistical or demographic data for internal purposes. Aggregated Data may be derived from Your Data but is not personal data as it does not directly or indirectly reveal your identity. For example, we may aggregate information about how you use our website and services to calculate the percentage of users accessing a specific website feature, but this is anonymised. However, if we combine or connect Aggregated Data with Your Data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Policy.
We use different methods to collect data from and about you, including through:
Automated technologies or interactions: If you interact with our website, we may automatically collect data about your equipment, browsing actions and patterns. When you visit our website, we automatically collect information about your use of our site, including details of your visits such as pages viewed and the resources that you access. Such information may include Aggregated Data, traffic data, location data and other communication data.
Direct interactions: You may give us your Identity, and Contact Data by filling in forms, or by corresponding with us by post, phone, email or otherwise. This includes the personal data you provide when you:
We will only use the information that we collect from you as follows:
We will only contact you for marketing purposes where you have given us your express consent to contact you. Once you have given us your permission to contact you for marketing purposes, we may use Your Data for one or more of the following:
You may change your mind and withdraw your permission for us to contact you for marketing purposes at any time by emailing us at email@example.com. This will not affect your use of our services.
We have put in place appropriate security measures to prevent Your Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to Your Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process Your Data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Please note that sending information via the internet is not totally secure and on occasion, such information can be intercepted. We cannot guarantee the security of personal information that you choose to send us electronically and sending such information is entirely at your own risk.
We will only retain Your Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for Your Data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of Your Data, the purposes for which we process Your Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
During the provision of our services to you, we will retain Your Data to provide our goods or services to you.
Please note that we may keep Your Data for longer than the periods stated above if it is necessary. However, this will be assessed on a case by case basis. If we determine that it is necessary to keep Your Data for longer than the periods listed above, we will confirm this to you in writing when we have finished providing our goods and services to you and explain why it is necessary.
As set out above, we may disclose Your Data to third parties, in accordance with this Policy, in the following circumstances:
We may share your Identity, Contact and Financial Data with our External Third Parties (as set out below) to enable us to provide our services (for example, we may provide your postal address to a courier, or we may share your name, address and age with a third-party service provider in order to verify your age and identity).
We may share Marketing and Communications Data, where you have provided your express consent for us to share such with third parties for marketing purposes.
We may also share Your Data:
In the event of a joint venture, collaboration, financing, sale, merger or reorganisation of the company. If a change happens to our business, then the new owners may use Your Data in the same way as set out in this Policy.
To further fraud protection and reduce the risk of fraud (for example, to comply with anti-money laundering regulations).
In addition to the disclosures set out in “Disclosing Your Data” above, we and some of our third parties are based outside the European Union, so the processing of Your Data could involve a transfer of data outside the European Union. Whenever we transfer Your Data out of the European Union, we ensure an equal degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Please email firstname.lastname@example.org if you want further information on the specific mechanism used by us when transferring Your Data outside the European Union.
In certain circumstances, you have the following rights under data protection laws in relation to Your Data. You have the right to:
If you wish to exercise any of the rights set out above, please email us to email@example.com.
You will not have to pay a fee to access Your Data (or to exercise any of the other rights set out above). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access Your Data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
For EU-based customers and contacts who have any questions about siHealth’s services and products or about anything related to data protection (GDPR), please contact siHealth Photonics Srl, who are siHealth’s representative in the European Union:
Last updated on 15th February 2022