Health Window Privacy Policy

About this Privacy Policy

This Privacy Policy is applicable to any personal information ("User Information"), which is supplied by you, the website user, to us, Health Window, and our sponsors and partners through our website ("Health Window"). This Policy is devised to help you feel more confident about the privacy and security of your personal details.

If you have any questions or requests concerning your personal information or any queries with regard to our Privacy Policy please contact our Privacy Controller by e-mail at privacy@healthwindow.co.uk

We understand that your privacy and the protection of your personal information is important to you. We take your privacy seriously and take every reasonable precaution to safeguard the personal information you supply to us.

About Health Window

"Health Window" is a trading style of Magnetise Choices Limited, Registered in Guernsey, Company Number: 71329 and Firm FCA Reference Number: 997172. Magnetise Choices is a specialist Publisher &/or direct marketing organisation. Magnetise Choices operates a number of websites and trading styles including Health Window. We work closely with some of the UK’s leading brands and companies to facilitate communication between yourself and these selected partners who are here to help provide a relevant service to you.

We provide information relating to relevant products & services to our users and put our users in contact with organisations who can advise them further and may be able to assist them.


The Data We Collect from You

The information that we collect varies depending on your enquiry; all information that you are required to submit is necessary to provide the services or product information you are looking for.

Our site enables people to request quotes or information for the product or service shown or selected on this site (the “Product or Service”).

The service that our site provides is to connect people who are looking to purchase the Product or Service with relevant providers of the Product or Service.

We do not knowingly, deliberately or aim to, collect personal data from children under the age of 18, either for registration or for marketing purposes.

We collect the following data from you:

Registration and Profile Data: When you register with us or use one of our enquiry forms we will take information from you including your name, postal address, and/or postal code, email address and telephone number.

Survey Responses and other information: When you complete an enquiry form or any survey with us the information you provide will also be collected by us and supplied to the relevant Selected Partner (also referred to as Service Providers, Product and Service Providers or Survey Sponsor).

From time to time, we change our forms, and so they may ask you for other information. It will always be clear from the form what information we’re requesting, and we only request information that is relevant to your request, and the service that we’re providing.

Once we’ve received your request (or sign-up, enquiry), we’ll connect you with one or more relevant Service Providers (Our Partners, Product and Service Providers). You’ll see on our webform that we have a really clear consent statement. This statement sets out the Service Providers that will contact you. You don’t have to buy from any of them and there’s no obligation to purchase.

We’ll tell the Service Providers who you are, and your Product requirements, and they’ll then contact you directly with your requested Quotes &/or requested Information.

Our partners including companies whose products or services are included on our Sites, with a view to them providing you with a quote, online quote, information or eligibility score for the product/service requested by you.

Some partners with whom we share your information may use it to carry out research such as analysis of market trends and customer demographics and to customise and develop the product/service which they offer to you or other individuals in the future;

You don’t have to buy from any of them and there’s no obligation to purchase.

Cookies Data – please see below.

Other Data – Details of your visits to our Site and the resources that you access, Information we may require from you when you report a problem with the Site and a record of any correspondence between you and us.

We only collect such information when you choose to supply it to us. You do not have to supply any personal information to us but you may not be able to take advantage of all the services we or our partners offer without doing so.

Information is also gathered without you actively providing it, through the use of various technologies and methods such as Internet Protocol (IP) addresses and cookies.

We also store and share Internet Protocol (IP) addresses, as explained on this page.

Every computer or device has an IP address – a unique number – which enables it to communicate with other computers and devices over the Internet. An IP address is a number assigned to your computer by your Internet Service Provider (ISP), so you can access the Internet.

We use your IP address to diagnose problems with our server, report aggregate information, and determine the fastest route for your computer to use in connecting to our Site, and to administer and improve the Site. We also store IP addresses in order to stop unwanted traffic (i.e. spam) to our site. For example, if we become aware that spam is coming from a particular IP address (i.e. computer or location), we can block that IP address.

From time to time, we also share IP addresses with Service Providers/Selected Partners to enable Service Providers/Selected Partners to verify that requests for Quotes have come from a particular country.

Cookies also help us to, understand browsing habits on the Sites; understand the number of visitors to the Sites and the pages visited; and remember you when you return to the Site so we can provide you with access to previously saved quotes.

The data will be held by us subject to this policy.

How We Use Your Data

The information with which you provide to us will only be used by us and our selected companies or partners that can provide the relevant service.

The information will be used for analytical and marketing purposes. Your data together with that of other subscribers to our service may also be combined in order of us to build statistical and analytical tables. At no time will your data be individually identifiable in such tables (in other words, no individual user is identified).

Under the GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you, because you have consented to our use of your personal data, or because it is in our legitimate business interests to use it. We collect for personal information in order to provide you with our service and pass your details on to one of our relevant Service Providers so they can contact you (including by phone) and provide you with more information and assist you with your request, including providing quotes and relevant product information. The information we hold is held securely within Amazon AWS database. Your personal data may be used for one of the following purposes under a legitimate interest or consent basis. The method of communication will be either by telephone, email, or post. The method of communication will be determined by the consent you have provided.

  • To manage your registration on our owned sites;

  • Determine whether any of the clients or Service Providers we work with may have services, products and offers that may be of interest to you based on the preferences and permissions you have supplied to us; and

  • With consent, communicate your data to our Service Providers and/or trusted providers. You may object to this processing at any time by contacting us on the details provided below.

  • Improve and personalise our site to you, and this could be where we may market directly to you, about other relevant offers that may be of interest to you based on your preferences

  • Depending on the consents that you have provided and what personal data we hold about you, we may pass your personal data to Service Providers and/or trusted providers (third parties) who may contact you by post, email and telephone for direct marketing purposes.

  • For analysis purposes. Where this is done, the information is aggregated and wherever possible anonymised in line with the ICO’s code of practice. These products are of a marketing nature.

  • We may process your personal data ourselves or through third party data processors that will process data on our behalf. We ensure the data processor complies with this policy and all current data protection regulations.

  • Email, telephone, or postal data will only be released to third parties where you have given your consent, at the time of registering your interest on our site (or any of our supplier websites) allowing you to fully understand what you are consenting to.

  • If you consent to a call from one of our sponsors or brand partners this will override the TPS.

Under the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR), we send such emails on the basis of the existing customer (soft opt-in) exemption. Where we have identified legitimate interests as the legal basis for our processing, we have conducted a legitimate interests assessment. The legitimate interests can be your interests or our interests. They can include commercial interests, individual interests or broader societal benefits but we need to be able to identify a legitimate interest; show that the processing is necessary to achieve it; and balance it against your interests, rights and freedoms. With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email and telephone and text message and post with information, news, and offers on our products and services. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you always have the opportunity to opt-out.

We only ever send personal information to 3rd parties where you have given consent to do so. To prevent fraud and to ensure data accuracy it is necessary to submit your information for verification and filtering.

This enables us to provide our services to you, and fulfil our legal obligations. We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. We will store all the personal information you provide on our secure servers that are subject to strict security requirements.

Your registration and profile data will be used by us to send you a regular email with details of special offers or relevant updates. We will also use your Registration and Profile data to ensure that you are supplied with the most appropriate content.

All data supplied by you may be used by us for general administration purposes. We will use the data that is collected about you to help us to match you with the most relevant content and partners.

For certain products, before connecting you with relevant Service Providers, we may call you to confirm your details or requirements. We may also call you to ask about your experience using our site and service and dealing with the Service Providers with which we connected you.

To email you about similar products and services – But only if you haven’t opted out of such emails. So when you use our service and as an existing user, we would like to email you, or send you text/SMS messages, about similar products and services for which we think you might like quotes or information (“Other Products”). You will always be given an opportunity to opt out of such messages before we send them, and we will not send such messages if you have opted out.

We may also create a custom audience and/or a lookalike/similar audience. Whenever an audience is shared with a Platform (such as Facebook, Google and other similar marketing platforms), the data is first pseudonymised or artificial identifiers – which means that any data within the audience that could identify a person is replaced with an artificial identifier (i.e. removing personally identifiable information from data sets, so that the people whom the data describe remain anonymous).

Transfer of your Data to Third Parties

When you complete an enquiry form or survey your Registration and Profile Data and your Survey Responses will be supplied by us to the selected partner/s or sponsor of the enquiry form or survey for them to communicate with you. These partners are carefully selected and will be placed to provide further advice and assistance to you. To see a list of the firms or expanded partner list please click here.

Your data may also be provided to these selected partner/s or sponsor to be added to information they already hold about you for the purposes of contacting you with information about their products and services. When they contact you these clients will seek your appropriate consent.

We may also disclose your information in the following circumstances:

  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation (for example, if required to do so by a court order or for the purposes of prevention of fraud or other crime);

  • as part of a restructuring or reorganisation of Magnetise Choices Limited, but we will take steps with the aim of ensuring that your privacy rights continue to be protected in such circumstances;

  • to protect the rights, property, or safety of Magnetise Choices Limited, our Site’s users, or any other third parties.

The information you provide to us may be transferred to countries outside of the European Union ("EU"). If we transfer your information outside of the EU in this way, we will take steps with the aim of ensuring that your privacy rights continue to be protected as outlined in this privacy policy - for example this may include, ensuring that the organisation receiving the data is registered with the EU-US Privacy Shield (in the case of transfers to the USA), or that we use the EU’s model contract clauses.

If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services or if you’re looking for Service Providers in the USA, we may need to transfer your data to the USA.

We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation, but we will take steps with the aim of ensuring that your privacy rights continue to be protected.

Entry in Enquiry Forms, Questionnaires, Surveys and Offers

By participating or submitting a survey or enquiry form you are agreeing to allow us to transfer both your Registration and Profile Data and your Survey Responses to the selected companies or our sponsors who will provide a relevant service or communicate further about offers / services for you. By completing the survey or enquiry form you are "opting-in" to the transfer of that data.

We are keen to ensure that the principals of "opting-in" are clearly explained. This means that when you participate in an enquiry form or sponsor question, you understand that you may be contacted by us or the sponsoring or selected company based on the information you provide.

Data Protection Rules and Regulations

Your information will always be safeguarded under the terms and conditions of the Data Protection Act to ensure that the information you provide us with is safe and only used for the purposes you requested.

We have appointed a UK GDPR representative (see below), Magnetise Media Limited, Magnetise Media Limited is registered with the Information Commissioner’s Office under registration number Z1251409. To learn more about Data Protection please visit ico.org.uk

We will comply will all data protection legislation and we also comply with the best practice guidelines laid down by the Direct Marketing Association (of which we are a member).

We will not disclose your personal data to third parties without your permission to do so as set out above. When you enter into a sponsor’s offer or enquiry form you will be consenting to the disclosure of your personal information to that sponsor or to the selected companies who provide a relevant service with regards to your enquiry.

Retention of Data

We retain Personal Information where we have an ongoing legitimate business or legal need to do so. Our retention periods will vary depending on the type of data involved, but, generally, we'll refer to these criteria in order to determine retention period:

  • Whether we have a legal or contractual need to retain the data;
  • Whether the data is necessary to provide our Service;
  • Whether our Members have the ability to access and delete the data within their Health Window accounts;
  • Whether our Members would reasonably expect that we would retain the data until they remove it or until their Health Window accounts are closed or terminated;
  • When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible ;

If you ask for your account to be closed, we will do this as soon as is reasonably possible subject to any applicable terms and conditions relating to the account. Personal information from closed accounts is retained in order to comply with legal obligations, prevent fraud and to resolve disputes.

Unsubscribe

You can unsubscribe from the Health Window service at any time according to your requirements through ticking the unregister option.

The consequences of unregistration are that your account details will be placed in a suppression file and you will not receive any further email communications from the Health Window service but you may have to separately unsubscribe from communications from our partners as we may have disclosed information to them when you unsubscribe from Health Window.

At the bottom of every email that we send out you will be provided with clear information on how you can unsubscribe.

You can exercise your right to withdraw consent by accessing our preference management page.

Security

We are committed to protecting the security of your personal information.

You must type the correct password to access your account information. It is your responsibility to ensure the security of your password and not to reveal this information to others.

We use a variety of security technologies and procedures to protect the confidentiality, integrity and availability of Your User Information. For example, we store the personal information you provide on computer systems with limited access, which are located in controlled facilities.

Although we endeavour to ensure the security of all correspondence, the Internet is not a 100% secure medium. Therefore, we are unable to guarantee the security of any data you send electronically to us and therefore cannot accept responsibility for any loss or damage experienced through any loss of confidentiality of information.

Cookies

Our use of cookies is important to allow members to be presented with a personalised version of the site. We will only read cookies from your cookie file placed there through your web browser’s interaction with the site. See more at www.aboutcookies.org.uk.

You should be aware that by using the site, information and data may be automatically collected through the use of Cookies. Please note, Cookies do not attach to your system or damage your files.

"Cookies" are small text files that store basic information that a web site can use to recognise repeat site visits and, as an example, recall your name if this has been previously supplied. We may use this information in order to monitor and improve the Site and our services and to target enquiry forms or surveys and advertising more effectively.

If you do not want information collected through the use of Cookies, there is a simple procedure in most browsers that allows you to deny or accept the Cookies feature. Note, however, that there may be some deterioration in the service you receive and "personalised" services may be affected if the Cookies option is disabled.

We also use cookies to improve the login experience. For example, we may store your login details in a cookie that will remain on your computer after you log out. This cookie allows you to be automatically logged in the next time you visit the Site. If you are using a public computer or do not otherwise want this information to be stored, you can uncheck the "remember me" tick box when you log-in or register, and this cookie will not be used.

If you do not disable the setting of Cookies, you consent to your information being collected and used as set out in this Privacy Statement.

Your Rights

You have certain rights under existing data protection legislation including the right to request a copy of the personal information we hold about you, if you request it from us in writing. We further explain these rights, and your other rights, below.

From May 2018 you will have the following rights:

(i) Right to access: the right to request copies of your personal information from us;

(ii) Right to correct: the right to have your personal information rectified if it is inaccurate or incomplete;

(iii) Right to erase: the right to request that we delete or remove your personal information from our systems;

(iv) Right to restrict our use of your information: the right to ‘block’ us from using your personal information or limit the way in which we can use it;

(v) Right to data portability: the right to request that we move, copy or transfer your personal information;

(vi) Right to object: the right to object to our use of your personal information including where we use it for our legitimate interests or where we use your personal information to carry out profiling to inform our market research and customer demographics.

With regards to the activity of connecting you with relevant Service Providers or getting communication from us (such as contacting you to confirm your details or requirements or updating you with offers on our products and services), we do this under the Consent Lawful basis for which you have the right to withdraw your consent (as described on this page).

You can exercise your right to withdraw consent by accessing our preference management page. Alternatively, you can write to us at; Compliance Manager, Magnetise Choices Ltd, PO Box 20, Les Echelons Court, Les Echelons, St Peter Port, Guernsey, GY1 1AR or email us at: compliance@magnetisechoices.com

To make enquiries, exercise any of your rights set out in this Privacy Policy and/or make a complaint please contact our Data Request Team at compliance@magnetisechoices.com

If you are not satisfied with the way any complaint you make in relation to your personal information is handled by us then you may be able to refer your complaint to the relevant data protection regulator which in the UK is the Information Commissioner’s Office.

This Privacy Policy shall be governed and construed in all respects in accordance with the laws of Guernsey.

Complaints Procedure

A complaint may be registered by contacting us at customersupport@healthwindow.co.uk or by writing to us at Health Window,Magnetise Choices, PO Box 20, Les Echelons Court, Les Echelons, St Peter Port, Guernsey, GY1 1AR. We will acknowledge your complaint within 5 working days and respond in full within 20 working days. If you are unhappy with our response to your complaint you have the right to escalate the matter to our industry regulator the Direct Marketing Authority or depending on the nature of your complaint you may choose to escalate the matter to one of the below regulators or authorities.

UK GDPR Representative

Our UK GDPR representative who has been appointed in accordance with Article 27 of the UK GDPR is Magnetise Media Limited. Our GDPR representative is entitled to represent us and act on our behalf with respect to data subjects who are in the UK.

If you are in the UK and have any query or complaint in relation to data protection or your data rights please contact our GDPR representative.

Our GDPR representative can be contacted at info@magnetisemedia.com or +44 (0) 20 7078 8298.

For the purposes of this privacy policy UK GDPR shall mean the General Data Protection Regulations (EU) 2016/679 (“GDPR”) as retained EU law version of the GDPR.

Useful Links

We are keen to promote the best interests of consumers and how their personal data is used; for further information about data protection you can visit:

The Direct Marketing Association – dma.org.uk
The Citizens Advice Bureau – www.citizensadvice.org.uk/
The Legal Ombudsman – www.legalombudsman.org.uk
The Information Commissioner – ico.org.uk
For additional information on the data protection act please visit – ico.org.uk

If you have questions regarding this Privacy Statement, please contact us at:
Health Window
Magnetise Choices Ltd
Registered in Guernsey (Company No. 71329)
Address: PO Box 20, Les Echelons Court, Les Echelons, St Peter Port, Guernsey, GY1 1AR