Privacy Policy

This Privacy Policy tells you what data we collect, why we collect it and what we do with it. This Proactive Health Gateway Privacy Policy was last updated on 23rd October 2019.

Introduction

The AXA Group of companies takes your privacy very seriously. The information below tells you, in mostly broad terms, how we use personal information that we collect from your use of the Health Gateway.

Proactive Health are a trading name of AXA ICAS Limited, we provide health and wellbeing services including the Proactive Health Gateway (Health Gateway) which is the application you are currently viewing. The Gateway service pools and consolidates your everyday health and fitness data from software applications and data inputted manually to empower and inspire you to lead a healthier and more active life. The Health Gateway also provides access to the ‘AXA Health Age’ Calculator which allows you to calculate your AXA Health Age and provides information on how you can improve your health and reduce your health risks. You may be receiving our service as part of another product from AXA such as private medical insurance.

The Health Gateway may have links to the websites of other companies within the AXA Group. Each AXA Group company’s websites will contain similar details to those set out below, but which may be more specific to their business and we recommend that you check these if you visit their websites.

By accessing or using the Health Gateway on any computer, mobile phone, tablet, console or other device, you consent to this Privacy Policy. From time to time we may need to make changes to this Privacy Policy, for example, as the result of government regulation, new technologies, or other developments in data protection laws or privacy generally. You should check the AXA website periodically to view the most up to date Privacy Policy.

Any personal information you supply to Proactive Health via the Health Gateway (and by other means) will be treated in accordance with the Data Protection Act 2018, General Data Protection Regulation 2018 and other legislation intended to protect your personal information and privacy.

While this Privacy Policy is intended to generally describe our privacy practices, our goal is to also provide more detailed information at times when it’s most meaningful to you. This Privacy Policy details what data we collect, how we collect it and what that data will be used for.

This Privacy Policy is incorporated into the Health Gateway Terms of Use Policy, Cookie Policy and Security Policy which can be accessed on the bottom of every webpage incorporated into the Health Gateway service.

You can find the link to the AXA ICAS Limited Privacy Policy in the Third parties/AXA Groups section of this policy.

Our Privacy Principles

When we collect and use your personal information, we ensure we look after it properly and use it in accordance with our privacy principles set out below, keep it safe and will never sell it.

Our Privacy Principles

  1. 1. Personal information you provide is processed fairly, lawfully and in a transparent manner
  2. 2. Personal information you provide is collected for a specific purpose and is not processed in a way which is incompatible with the purpose which AXA collected it
  3. 3. Your personal information is adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed
  4. 4. Your personal information is kept accurate and, where necessary kept up to date
  5. 5. Your personal information is kept no longer than is necessary for the purposes for which the personal information is processed
  6. 6. We will take appropriate steps to keep your personal information secure
  7. 7. Your personal information is processed in accordance with your rights
  8. 8. We will only transfer your personal information to another country or an international organisation outside the European Economic Area where we have taken the required steps to ensure that your personal information is protected. Such steps may include placing the party we are transferring information to under contractual obligations to protect it to adequate standards
  9. 9. AXA UK and AXA Group companies do not sell your personal information and we also do not permit the selling of customer data by any companies who provide a service to us
  10. 10. We endeavour to be transparent and clear with the way we use your personal information

What information do we collect, and how?

  • We may process your personal information for a number of different purposes and these are set out in more detail in the below sub-sections. Under data protection laws we need a reason to use and process your personal information and this is called a legal ground. We have set out below the main reasons why we process your personal information and the applicable circumstances when we will do so. When the personal information we process about you is classed as sensitive personal information (now known as ‘Special Categories’) (such as details about your health, sexual orientation or criminal offences) we must have an additional legal ground for such processing. Where we have a legal obligation to use such personal information, for example if the Information Commissioner's Office (ICO) wish us to maintain certain records of any dealings with you.
  • Where we need to use your personal information to establish, exercise or defend our legal rights, for example when we are faced with any legal claims or where we want to pursue any legal claims ourselves.
  • Where you have provided your consent to our use of your personal information. We will usually only ask for your consent in relation to processing your sensitive personal information (such as health data) or when providing marketing information to you (including information about other products and services). This will be made clear when you provide your personal information. If we ask for your consent we will explain why it is necessary. Without your consent in some circumstances, we may not be able to provide you with additional services.
  • Where we have appropriate legitimate business need to use your personal information such as maintaining our business records, developing and improving our products and services, all whilst ensuring that such business need does not interfere with your rights and freedoms and does not cause you any harm.
  • Where we need to use your sensitive personal information such as health data because it is necessary for your vital interests, this being a life or death matter.

The personal information Proactive Health collects through the Health Gateway service may include details such as:

  • Contact details such as name, email address, postal address, telephone number, date of birth and gender
  • Sensitive personal information such as height, weight, BMI, blood pressure diastolic, blood pressure systolic, bodyfat, waist, cholesterol blood glucose, smoking/alcohol consumption

Personal information may be collected:

  • through registration;
  • when you use any of our products or services;
  • when you fill out a survey, or vote in a poll on the Health Gateway;
  • through applications; and
  • through the health age calculator, health assessment tools, other personal health or wellness data sources; and through feedback forms.

We also collect information that could identify your computer to us (your IP address) and/or that tells us about how you use our websites. See the Cookies section below for more information.

What will the information be used for?

We use other companies to help us provide services to you and to store your information. Many of these are AXA UK companies based outside the European Economic Area (EEA) where the laws protecting personal information are not as strong as in the EEA. However, we take steps to make sure that companies working for us provide an appropriate level of protection. AXA operate a secure European Data Centre in Switzerland where the laws protecting personal information meet EEA requirements.

The services available under the Health Gateway are, depending on the service, provided alone or jointly by us Proactive Health, legal entity of AXA ICAS Limited or service providers invited onto the Health Gateway to provide health benefits.

These companies will, as necessary, share that information to provide you with an assessment of your health age, to help you make plans to address areas of concern in your lifestyle, to recommend solutions that they have to address key lifestyle issues and evidence on the efficacy of services. When you provide information on the Health Gateway you give your consent to this. We may use your individual data for recommending relevant health solutions, for analytical purposes and to assist us in improving our processes, products and services. Your data will never be given to any third party for marketing.

Management Information Reporting: If you’re accessing our service via your employer, Proactive Health will provide Management Information reports to your employer using anonymised data.

Automated decision making: Depending on the services available to you we will offer you access to additional services depending on the certain thresholds in the data you provide us. This is so that we can offer health and wellbeing service that are relevant to you.

Legal Grounds for Processing

There are a number of legal grounds for us to be able to process your data:

Fulfilment of Contract: Processing is necessary to fulfil a contract we have to provide you with our service. We will provide you with the services and communicate with you. We will resolve any complaints you may have and we will process your personal and sensitive data and any information relevant to your use of our service.

Individual Consent: We will process your personal and sensitive information when you have given clear consent to process your data for a specific purpose.

We also have a legitimate business need to use your personal information for services improvement.

With all provisions of health-related services, there would be other legal grounds used to process your information, for example:

  • To protect your vital interest or that of someone else
  • Within the context of a dispute or legal claim
  • Compliance with a legal obligation to which we are subject

Email Communication

As part of the service you will receive a monthly newsletter email communication that provides information on health and wellbeing topics as well as useful tools available to you within the Health Gateway.

You can choose for additional offers and services to be included in this email. To include or remove additional offers and services from this newsletter you can confirm this on registration or head over to the Profile page within the Health Gateway to amend your settings. Email communications can be opted out of at any time via an unsubscribe link within each email.

How long do we keep your records?

We will retain your records all the time you are an active user. If you are inactive for more than 2 years you will be marked as inactive and be deleted 7 years from last point of activity. If your account is in the inactive status you would need to reactive your account and accept the latest Terms of Use to be able to use the Health Gateway.

Your rights

Proactive Health is committed to delivering the rights that the Data Protection Act 2018, General Data Protection Regulation 2018 and Privacy and Electronic Communications Regulations provide to individuals. This includes your right to object to your personal information being used for direct marketing. Where required, we will ensure that we obtain your consent before undertaking marketing.

You can ask us to do various things with your personal information. For example, at any time you can ask us for a copy of your personal information, ask us to correct mistakes, change the way we use your information, or even delete it. We’ll either do what you’ve asked, or explain why we can’t - usually because of a legal or regulatory issue.

The right to access, rectify, restrict and transfer your personal information

You have a right to request that any inaccurate data is corrected. You can update this data directly in the Health Gateway or by contacting us by completing this online form.

You also have the right to request a copy of the personal information Proactive Health holds about you. In certain circumstances, you have the right to ask that we transfer any personal information that you have provided to us to another third party of your choice. Once transferred, the other party will be responsible for looking after your personal information. To do this, please write to us with full details of what you require to AXA ICAS Ltd, at the following address:


Quality Manager

AXA ICAS Ltd
480 Argyle Street
Glasgow
G2 8NH

The right to erasure

You have the right to ask us to delete your personal and sensitive information from the Health Gateway. You can do this by logging in to the Health Gateway and heading over to Profile page. Within this page there is a button that allows you to delete your account. Alternatively please contact the quality manager at the address above.

The right to withdraw consent:

For certain uses of your personal information, we will ask for your consent. Where we do this, you have the right to withdraw your consent to further use of your personal information.

The right to lodge a complaint

You have a right to complain to the ICO at any time if you object to the way in which we use your personal information. More information can be found on the Information Commissioner’s Office website: https://ico.org.uk/

You can make any of the requests set out above using the contact details provided to you in this privacy policy or if applicable within your policy documentation. Please note that in some cases we may not be able to comply with your request for reasons such as our own obligations to comply with other legal or regulatory requirements. However, we will always respond to any request you make and if we can't comply with your request, we will tell you why.

Contact Details of the Data Protection Officer

If you wish to contact the Data Protection Officer the details are below:

For AXA Health Services

The Data Protection Officer :
AXA PPP healthcare
AXIS House
23 St Leonards Road
Eastbourne
BN21 3PX                     email address: dataprotectionofficer@axa-icas.com

Cookies

AXA PPP healthcare sends cookies to your computer and other web enabled equipment from its websites. Cookies are pieces of information that a website transfers to your computer. Cookies can make the web more useful to you by storing information about your preferences on particular websites. This allows website owners to provide more useful features for their users.

More detailed information on the cookies we store and their use can be found on our Cookie Policy, which can also be accessed on the bottom of every webpage incorporated into the Gateway service.

Third Parties/AXA Groups

The Gateway may contain links to other websites which are outside our control and are not covered by this Privacy Policy. If you access other websites using the links provided, the operators of these websites may collect information from you which will be used by them in accordance with their privacy policy, which may differ from ours.

The services available under the Gateway are, depending on the service, provided alone or jointly by us, AXA ICAS Limited, AXA ICAS Occupational Health Services Limited or service providers invited onto the Gateway to provide health benefits.

Please find AXA ICAS Limited Privacy Policy here: https://www.axappphealthcare.co.uk/healthservicesprivacypolicy/

These companies will, as necessary, share that information to provide you with an assessment of your health age, to help you make plans to address areas of concern in your lifestyle, to recommend solutions that they have to address key lifestyle issues and evidence on the efficacy of services. When you provide information on the Gateway you give your consent to this.

AXA Company Details

AXA Proactive Health

Proactive Health are a trading name of AXA ICAS Limited.


AXA ICAS Ltd

A private limited company incorporated in England and Wales with company number 02548573 and whose registered office is at 5 Old Broad Street London EC2N 1AD.


AXA UK Group

Wherever the name “AXA” is used on the Website, this implies one or more of the following companies within the AXA UK Group of companies, which may offer products or services on the Website. Further details can be found on the respective companies’ websites.


AXA Insurance UK Plc

Trading as AXA Insurance a public company limited by shares incorporated in England and Wales with company number 078950 and whose registered office is at 5 Old Broad Street, London, EC2N1AD. Swiftcover and Swiftcover.com are both trading names of AXA Insurance UK Plc.


AXA PPP healthcare Limited

Trading as AXA PPP healthcare, a private limited company incorporated in England and Wales with company number 03148119 and whose registered office is at 5 Old Broad Street London EC2N 1AD


AXA PPP healthcare Administration Services Limited

Trading as AXA PPP healthcare, a private limited company incorporated in England and Wales with company number 03429917 and whose registered office is at 5 Old Broad Street London EC2N 1AD


AXA PPP Administration Services Limited

Trading as AXA PPP healthcare, a private limited company incorporated in England and Wales with company number 05961472 and whose registered office is at 5 Old Broad Street London EC2N 1AD AXA UK Plc Registered company number: 02937724 and whose registered office is at 5 Old Broad Street London EC2N 1AD