Privacy Policy

This Privacy Policy tells you what data we collect, why we collect it and what we do with it. This Proactive Health Gateway Privacy Policy was last updated on 1 May 2021.

Introduction

Over the coming months AXA Health Services Limited will start to provide the Proactive Health Gateway; it will become the Data Controller of information which was previously the responsibility of AXA ICAS Limited. AXA Health Services Limited won’t use your personal information in new ways as a result of this change; AXA Health Services Limited complies with all Data Protection laws.

This Privacy Policy tells you about how AXA ICAS Limited and AXA Health Services Limited (‘we’ and ‘us’) use personal information that we collect from your use of the Proactive Health Gateway (‘Health Gateway’).

The Health Gateway service pools and consolidates your everyday health and fitness data from software applications and data input manually to empower and inspire you to lead a healthier and more active life. The Health Gateway also provides access to the ‘AXA Health Age’ Calculator which allows you to calculate your Health Age and provides information on how you can improve your health and reduce your health risks.

The Health Gateway may have links to the websites of other companies within the AXA Group. Each AXA Group company’s websites will contain similar details to those set out below, but these will be more specific to their business and we recommend that you view their own Privacy Policies if you visit their websites.

By accessing or using the Health Gateway on any computer, mobile phone, tablet, console or other device, you consent to this Privacy Policy. From time to time we may need to make changes to this Privacy Policy, for example, as the result of government regulation, new technologies, or other developments in data protection laws or privacy generally. You should check back periodically to view the most up to date Privacy Policy.

Any personal information you supply via the Health Gateway (and by other means) will be treated in accordance with the Data Protection Act 2018, General Data Protection Regulation 2018 and other legislation intended to protect your personal information and privacy.

This Privacy Policy is incorporated into the Health Gateway, Terms of Use Policy, Cookie Policy and Security Policy which can be accessed on the bottom of every webpage incorporated into the Health Gateway service.

Our Privacy Principles

When we collect and use your personal information, we look after it properly and use it in accordance with our privacy principles set out below, we keep it safe and never sell it.

  1. 1. Personal information you provide is processed fairly, lawfully and in a transparent manner
  2. 2. Personal information you provide is collected for a specific purpose and is not processed in a way which is incompatible with the purpose which AXA collected it
  3. 3. Your personal information is adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed
  4. 4. Your personal information is kept accurate and, where necessary kept up to date
  5. 5. Your personal information is kept no longer than is necessary for the purposes for which the personal information is processed
  6. 6. We will take appropriate steps to keep your personal information secure
  7. 7. Your personal information is processed in accordance with your rights
  8. 8. We will only transfer your personal information to another country or an international organisation outside the European Economic Area where we have taken the required steps to ensure that your personal information is protected. Such steps may include placing the party we are transferring information to under contractual obligations to protect it to adequate standards
  9. 9. AXA UK and AXA Group companies do not sell your personal information and we also do not permit the selling of customer data by any companies who provide a service to us
  10. 10. We endeavour to be transparent and clear with the way we use your personal information

What personal information do we collect and how do we collect it?

The personal information that we collect through the Health Gateway service may include:

  • Contact details such as name, email address, postal address, telephone number, date of birth and gender
  • Sensitive personal information such as height, weight, BMI, blood pressure diastolic, blood pressure systolic, bodyfat, waist, cholesterol blood glucose, smoking/alcohol consumption

Personal information may be collected:

  • through registration;
  • when you use any of our products or services;
  • when you fill out a survey, or vote in a poll on the Health Gateway;
  • through applications; and
  • through the health age calculator, health assessment tools, other personal health or wellness data sources; and through feedback forms.

We also collect information that could identify your computer to us (your IP address) and/or that tells us about how you use our websites. See the Cookies section below for more information.

How do we use your personal information?

We process your personal information for a number of different reasons and these are set out in more detail below. We only process your personal information when it is lawful to do so under Data Protection Law – one requirement is that we have a ‘legal ground’ to process personal information. When the personal information that we process is classed as sensitive personal information (for example, health information), we must have an additional legal ground for such processing.

The primary reason for processing your personal information is to enable us to provide you with the Proactive Health Gateway, including services like the health age calculator and health assessment tools. The main legal ground to process your personal information is that the processing is necessary for the performance of a contract with you or to which you are a party. When we process sensitive personal information such as your health information, or when we would like to use your information to send you marketing, we will ask for your consent.

If we ask for your consent we will explain why it is necessary. Without your consent in some circumstances, we may not be able to provide you with some services.

As part of the service you will receive a monthly newsletter email communication that provides information on health and wellbeing topics as well as useful tools available to you within the Health Gateway

You can choose for additional offers and services to be included in this email. To include or remove additional offers and services from this newsletter you can confirm this on registration or head over to the Profile page within the Health Gateway to amend your settings. You can opt out of email communications at any time via an unsubscribe link within each email.

We may also process your personal information for other reasons, and rely on other legal grounds to do so:

  • Where we have a legal obligation to use such personal information, for example if the Information Commissioner's Office (ICO) wish us to maintain certain records of any dealings with you.
  • Where we need to use your personal information to establish, exercise or defend our legal rights, for example when we are faced with any legal claims or where we want to pursue any legal claims ourselves.
  • Where we have your consent to provide marketing information to you (including information about other products and services). You can withdraw your consent at any time.
  • Where we have legitimate business needs to use your personal information such as maintaining our business records, developing and improving our products and services, all whilst ensuring that the processing does not unduly interfere with your rights and freedoms and does not cause you harm.
  • Where we need to use your sensitive personal information such as health data because it is necessary for your vital interests, this being a life or death matter.

Who do we share your personal information with?

Other AXA Group and AXA UK companies help us provide services to you and store your information. This can entail us sharing your personal information with AXA companies based outside the United Kingdom or the European Economic Area. When we do this, we take steps to ensure that it is protected. Such steps may include placing the AXA company that we are transferring personal information to under contractual obligations to protect it to adequate standards. AXA companies comply with group-wide, binding Data Protection standards.

Certain services provided as part of the Health Gateway may be provided jointly with us or solely by third parties whose engagement can deliver health benefits to you. Providing these services entails processing your personal information, for instance, to provide you with an assessment of your health age, and to help you make plans to address areas of concern in your lifestyle. Your personal information may also be analysed in order to understand how effective the Health Gateway services are, and to assist in improving our processes, products and services. When you provide information on the Health Gateway, you give your consent to process your information in this way.

We may use your personal information to recommend relevant health solutions to you. Note, however - your data will never be given to any third party for marketing.

Management Information Reporting: If you’re accessing our service via your employer, we will provide Management Information reports to your employer but any information provided will be anonymised (meaning that you cannot be identified from it).

How long do we keep your records?

We will retain your records all the time you are an active user. If you are inactive for more than 2 years you will be marked as inactive and be deleted 7 years from last point of activity. If your account is in the inactive status you would need to reactive your account and accept the latest Terms of Use to be able to use the Health Gateway.

Your rights

We are committed to delivering the rights that the Data Protection Act 2018, General Data Protection Regulation 2018 and Privacy and Electronic Communications Regulations provide to individuals. This includes your right to object to your personal information being used for direct marketing. Where required, we will ensure that we obtain your consent before undertaking marketing.

You can ask us to do various things with your personal information. For example, at any time you can ask us for a copy of your personal information, ask us to correct mistakes, change the way we use your information, or even delete it. We’ll either do what you’ve asked, or explain why we can’t - usually because of a legal or regulatory issue.

The right to access, rectify, restrict and transfer your personal information

You have a right to request that any inaccurate data is corrected. You can update this data directly in the Health Gateway or by contacting us by completing this online form.

You also have the right to request a copy of the personal information that we hold about you. In certain circumstances, you have the right to ask that we transfer certain personal information that you have provided to us to another third party of your choice. Once transferred, the other party will be responsible for looking after your personal information. To do this, please write to us with full details of what you require, at the following address:

Quality Manager
AXA ICAS Ltd
480 Argyle Street
Glasgow
G2 8NH

The right to erasure

You have the right to ask us to delete your personal information from the Health Gateway. You can do this by logging in to the Health Gateway and heading over to Profile page. Within this page there is a button that allows you to delete your account. Alternatively please contact the Quality Manager at the address above

The right to withdraw consent:

For certain uses of your personal information, we will ask for your consent. Where we do this, you have the right to withdraw your consent to the use of your personal information. You have an absolute right to object to direct marketing.

Please note that in some circumstances we may not be able to comply with your request to exercise the above rights, for reasons such as our own obligations to comply with other legal or regulatory requirements. However, we will always respond to any request you make and if we can't comply with your request, we will tell you why.

Complaints

You have a right to complain to the ICO at any time if you object to the way in which we use your personal information. More information can be found on the Information Commissioner’s Office website: https://ico.org.uk/

Contact Details of the Data Protection Officer for the Proactive Health Gateway

The Data Protection Officer :
AXA Health
AXIS House
23 St Leonards Road
Eastbourne
BN21 3PX      email address: dataprotectionofficer@axahealth.co.uk

Cookies

AXA Health sends cookies to your computer and other web enabled equipment from its websites. Cookies are pieces of information that a website transfers to your computer. Cookies can make the web more useful to you by storing information about your preferences on particular websites. This allows website owners to provide more useful features for their users.

More detailed information on the cookies we store and their use can be found on our Cookie Policy which can also be accessed on the bottom of every webpage incorporated into the Gateway service.

Proactive Health Gateway - Company Details

The Proactive Health Gateway is provided by:

AXA ICAS Limited

AXA ICAS Limited trading as a division of AXA Health, is a private limited company incorporated in England and Wales with company number 02548573 and whose registered office is at 20 Gracechurch Street, London EC3V 0BG.

AXA Health Services Limited

AXA Health Services Limited is a private limited company incorporated in England and Wales with company number 05961472 and whose registered office is at 20 Gracechurch Street, London EC3V 0BG.

AXA UK Company Details

Information about companies in the AXA UK Group is available at https://www.axa.co.uk/privacy-policy/company-details/