The Little Journey app has been created by Little Journey Ltd. (Company Number 11519201).
Sections of the Little Journey app are aimed at children aged between 3 and 12. We take children’s privacy very seriously and rely on consent from a parent or guardian before storing any user data. If you are under the age of 13 please make sure you have permission from your parent or guardian before you use the app. If you discover that your child has been using the app without permission, please contact us to have any relevant data deleted.
IMPORTANT INFORMATION AND WHO WE ARE
Little Journey Ltd. (Company Number 11519201) is the controller and is responsible for your personal data (collectively referred to as “we”, “us” or “our” in this policy).
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues or other competent supervisory authority of an EU member state if the App is downloaded outside the UK.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during our relationship with you.
THIRD PARTY LINKS
The Little Journey application from time to time may contain links to and from the websites of our partner networks, advertisers and affiliates. Please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services, such as Contact and Location Data. Please check these policies before you submit any personal data to these websites or use these services.
THE DATA WE COLLECT ABOUT YOU
We may collect, use, store and transfer different kinds of personal data about you as follows:
- Identity Data: including Parent’s/guardian’s first name and Child’s date of birth.
- Device Data: Device brand name e.g. Motorola, Apple. Device Category e.g. Mobile or tablet. Device name e.g. iPhone XS or SM-J500M. Operating systems version e.g. MAC OS X 10.2
- Content Data: including the Date of procedure and Hospital tour selected.
- Profile Data: including Questionnaires and surveys related to your experience
- Usage Data: includes details of your use of any of our App, but not limited to, traffic data, other communication data and the resources that you access.
- Location Data: includes your current location disclosed by GPS technology (only active when using the app)
Following six-months after your procedure date (as inserted into the App by you) we convert all the above information into non-identifiable aggregate data that is used for statistical purposes to improve the App. This information, grouped with all other App users at your selected Hospital, may be shared with this hospital for them to improve their services. It is not possible for the hospital or our team to identify you or your child from this information.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
HOW IS YOUR PERSONAL DATA COLLECTED?
When you first download the app, we ask you to consent to us monitoring how you and your child interact with the App and how you/your child feel about coming to hospital. You have two choices at this point:
If you click “no thanks” then you can continue to use the App and no personal identifiable information of any sort will be collected. This would prevent us trying to improve the App or the experiences of children coming to hospital for a procedure.
If you click “I want to help” then you are asked to set up an account by providing an email address which must then be verified by confirmation within an email. If you set up an account, we will collect and process the following data about you:
- Information you give us. This is information (including Identity and Contact) you consent to giving us about you, for example, via the App or by corresponding with us (for example, by email or chat). It includes
- (a) Patient Data: We may collect and process the following data about you:
- Your child’s date of birth. This information is stored on the device the App is downloaded onto only. This information is used to tailor the content of the App to your child’s predicted level of understanding based on their age. We use this information to inform you through push notifications (which you can opt out of) when the optimum time to use the App is, which varies according to your child’s age. This information is converted to an age in years, e.g. six-years old, and stored indefinitely as part of the non-identifiable aggregate data.
- Date of procedure. This information is stored on the device the App is downloaded onto only. It is used to tailor the content of the App to your specific point in your hospital journey visit. For example, the day before the surgery we will provide you with information about what to bring to hospital. We also use this information to deliver questionnaires and surveys at the right time, such as the Friends and Family test which is performed in the first 24-48 hours after being discharged from hospital. We link your use of the App and any surveys you complete to the date of your procedure within our dataset by converting it to a non-identifiable form. For example, the date of the procedure becomes Day 0, the day after surgery D1+ and the day before surgery D1-.
- The parents/guardians first name. This information is used to personalise the app to you by referring to you by your name. This information is only stored on the device the App is downloaded onto only. This information is not stored as part of the aggregate data.
- Your Hospital. Users are able to select the hospital where their child’s procedure is occurring. The content of the App will then be tailored to this hospital including but not limited to the rooms which you’ll visit on the day of the procedure (as provided by that hospital), that hospitals advice on fasting times before surgery and their contact information. This information is stored indefinitely as part of the non-identifiable aggregate data and linked with traffic data and questionnaire/survey results.
- (b) Survey data: we may request that you complete surveys/questionnaires while you use the App, including but not limited to:
- How satisfied you are with the care you received on the day of the procedure?
- How you are feeling about your child’s procedure?
- How prepared you are feeling about coming to hospital?
- The Friends and Family test
- If your child’s behaviour has changed after their hospital visit?
- If you’ve had to visit or telephone a healthcare professional after your hospital visit?The results of these surveys/questionnaires will be linked with your child’s age, the hospital you have visited and your email address and stored for a period of six-months after the date of the hospital visit within our secure database. Following this six–month period, we will delete your email address but continue to store the remaining non–identifiable information and survey results indefinitely. This non-identifiable information will be used to help guide us how to improve the Little Journey app for future children and their parents who are having a healthcare procedure by assessing if any changes to the App improve satisfaction levels or behaviour outcomes following the procedure. We will also supply the anonymous results of the surveys/questionnaires to hospitals for them to improve their services.
- (a) Patient Data: We may collect and process the following data about you:
Additionally, if you contact us, we will keep a record of that correspondence.
- Location Data. We use GPS technology to determine your nearest hospital to aid your selection of the hospital to explore. If you wish to use the particular feature, you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by disabling Location Data in your settings.
- Information we receive from other sources including third parties and publicly available sources. Each time you use our App we will automatically collect personal data including Device, Content and Usage Data. This data is collected through a third-party provider, Google Analytics for Firebase, whenever you sign in to use the App. This usage data allows us to improve the App by focussing on the areas of the app that users visit the most and improving the areas that are not being used. Google analytics for Firebase collect certain information when you sign in to the app to assist with traffic use, including:
|Age||Text||Identifies users by six categories: 18-24, 25-34, 35-44, 45-54, 55-64, and 65+.|
|App Store||Text||The store from which the app was downloaded and installed.|
|App Version||Text||The version Name (Android) or the Bundle version (iOS).|
|Country||Text||The country the user resides in (based on IP address)|
|Device Brand||Text||The brand name of the mobile device (e.g., Motorola, LG, or Samsung).|
|Device Category||Text||The category of the mobile device (e.g., mobile or tablet).|
|Device Model||Text||The mobile device model name (e.g., iPhone 5s or SM-J500M).|
|First Open Time||Number||The time (in milliseconds, UTC) at which the user first opened the app, rounded up to the next hour.|
|Gender||Text||Identifies users as either male or female.|
|Interests||Text||Lists the interests of the user (e.g., “Arts & Entertainment, Games, Sports”).|
|Language||Text||The language setting of the device OS (e.g., en-us or pt-br).|
|New/Established||N/A||New: First opened the app within the last 7 days.
Established: First opened the app more than 7 days ago.
|OS Version||Text||The version of the device OS (e.g., 9.3.2 or 5.1.1).|
- In addition, we collect traffic (usage) data including, but not limited to: App preferences such as Hospital selection, tour guide selection, rooms explored, time spent using features of the app etc.
- We have disabled many of the Google Analytics features including but not limited to: advertising, crashyltics, performance testing, A-B testing and cloud messaging.
HOW WE USE YOUR PERSONAL DATA
We will only use your personal data when the law allows us to do so. Most commonly we will use your personal data (a) where you have consented before the processing, or (b) to enable us to give you the best service/product and the best and most secure experience, or (c) where we need to comply with a legal or regulatory obligation.
PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA
|Purpose/activity||Type of data||Lawful basis for processing|
|To install the App and register you as a new App user||Identity
|To manage our relationship with you including notifying you of changes to the App or any Services||Identity
Performance of a contract with you
Necessary for our legitimate interests (to keep records updated and to analyse how customers use our products/ Services)
Necessary to comply with legal obligations (to inform you of any changes to our terms and conditions)
|To enable you to complete a survey||Identity
Performance of a contract with you
Necessary for our legitimate interests (to analyse how customers use our products/Services and to develop them and grow our business)
|To administer and protect our business and this App including troubleshooting, data analysis and system testing||Identity
|Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security)|
|To deliver content to you
To monitor trends so we can improve the App
Necessary for our legitimate interests (to develop our products/Services and grow our business)
We do not transfer your personal data outside the European Economic Area (EEA).
We value your trust in providing us your Personal Information and we strive to protect it. All information you provide to us is stored on our secure servers and we will use strict procedures and security features to try to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security. Should we discover a data security breach, we will inform you (and our regulator) and take all steps required of us under English law.
We retain your email address for a period of six-months after the date of procedure you insert into the App. Following this, we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
YOUR LEGAL RIGHTS
Under certain circumstances you have the following rights under data protection laws in relation to your personal data. In summary:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
- if you want us to establish the data’s accuracy;
- where our use of the data is unlawful but you do not want us to erase it;
- where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
- you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
You also have the right to ask us not to continue to process your personal data for marketing purposes.
You can exercise any of these rights at any time by contacting Alexander Preston at firstname.lastname@example.org
Data Protection Officer