By using the Just In Case app, you agree to this Policy. We will also highlight this during the initial sign-up or account creation process, and you will be expressly asked to agree. Once agreed, this Policy is legally binding on both parties.
Occasionally we may need to change this Policy. We will make you aware of any changes in advance, and tell you the date when those changes apply. By continuing to use the Just In Case app after that date, you agree to the revised Policy. Otherwise, you are free to close your Just In Case account (see “Closing your Account” below).
3. WHAT INFORMATION WE COLLECT AND HOW WE USE IT
Personally identifiable information such as your name, email address, telephone number, and payment information, and your health information such as any information about a medical condition or other information submitted by you and persons authorized by you and from third party data sources approved by you in your Just In Case account, (“Your Data”) is completely controlled by and belong to you. Except as provided in this Policy, we will never use Your Data for any purpose without your express permission.
General Just In Case user information includes data such as (i) profile data (e.g. date of birth, gender or country data), (ii) technology data (e.g. device & browser type), (iii) user behaviour data such as how often owners login and for how long, how, what features are used and how often, etc. We use general user information to improve our product, services and overall user experience.
Anonymized and aggregated data includes Your Data which has been de-identified and aggregated with other Just In Case users and, in some cases, non- Just In Case user data. We use anonymized and aggregated to learn more about our Just In Case users’ needs and interests, to identify how we can improve the Just In Case to better serve our users, and to determine what third party products and services may be most useful and valuable to them. We reserve the right to disclose anonymized and aggregated data publicly without restriction.
Except as we state in this Policy, we will not make Your Data available to anyone with whom you have not instructed or permitted us to distribute or share Your Data. Where we believe in good faith that we have a legal obligation to make that data available to the authorities, or if the threat of physical harm or other damage exists to you, our company, or someone else, we reserve the right to provide any information to the proper authorities and as needed to protect those parties from harm.
4. DATA PROCESSING
We are a UK company. You agree to have your information stored and processed in the United Kingdom or other countries as determined by us in our sole and absolute discretion.
5. PERMITTED USERS
By setting up a Just In Case account, you represent that you have either reached the age of “majority” where you live or have valid parent or legal guardian consent to be bound by these Terms, and that you are not barred from setting up an account, using a Just In Case under applicable laws. If you do not know whether you have reached the age of majority where you live or do not understand this section, please ask your parent or legal guardian for help before you create an account. If you as a parent or guardian create an account for a minor or you are the parent or guardian of a minor who sets up an account, you accept these Terms on the minor’s behalf, and are responsible for all use of the Just In Case account.
You can create a Just In Case for others only where you are the authorized individual-representative (a parent, guardian, or legal representative establishing a subscription for a Just In Case). By setting up such an account you automatically certify and agree that (i) you have this authority, (ii) we are entitled to rely of your certification as true, and (iii) you will hold us harmless from any claim by such others that you did not have authority to create a Just In Case for them. Subject to an agreement with our company, we will permit organizations (including not-for-profit entities) and individuals to create Just In Case account, set up accounts for others and encourage them to use a Just In Case. Whether you set up your own Just In Case account or one is set up for you and you agree to become a Just In Case user, these Terms shall apply to you and govern your relationship with us.
We reserve the right to restrict in our sole discretion who is eligible to use the Just In Case app, or set up an account, and to reject a request to create a Just In Case account or close an account at any time without liability. We will only do this where we believe we have a reasonable concern or issue.
We take security very seriously and use multiple methods of encryption and security to ensure that Your Data is protected when it is in your Just In Case app. However, we cannot and do not guarantee that a breach will never occur or that Your Data will be 100% secure and will never be misused, and you acknowledge and agree that we cannot be held responsible for any breach or unauthorized access to or use of Your Data.
We provide you with an option to share Your Data via email, which will not encrypt or protect Your Data during transmission. You agree that when you share Your Data using tools which do not provide the necessary encryption and other appropriate protections, that you do so knowingly, at your own risk; and we cannot be held responsible for any breach, hack, or unauthorized access to or use of Your Data.
To prevent access to your Just In Case account by people with malicious intent, we strongly encourage you to follow best practices for a safe password, identity and personal health information management, and to not share your Just In Case account credentials or Your Data with anyone with whom you do not have a high level of trust.
7. SERVICE PROVIDERS
8. PRIVACY STANDARDS
Your Just In Case account and all of its content belong to you. You have control over your Just In Case account and how much of Your Data you share with others. You are solely responsible for verifying the identity of those you have shared your Just In Case data with, organizations which have created and invited you to use a Just In Case app, and monitoring the access to and use of your Just In Case by those whom you, authorized others and/or organizations have invited to your Just In Case. We are not responsible nor liable for anyone you allow to access your Just In Case app or use Your Data.
9. CLOSING YOUR ACCOUNT
Once you establish a Just In Case account it will continue to exist until closed by you or us. You can stop using your Just In Case app and close your account with us at any time. You simply need to notify us by email at firstname.lastname@example.org.
When your account is closed, we will provide you, by a means to be determined by us in our discretion, with a PDF format of Your Data as it then exists in your Just In Case account. Except where you have agreed to share Your Data as set out below, we will delete all of Your Data within a reasonable period (around 60-90 days). Note that once Your Data is deleted it cannot be retrieved. We will retain system logs in relation to your Just In Case tracking the deletion, but not retaining Your Data.
Where you have chosen to give access to Your Data to any third parties (including other Just In Case users) for analytical and other purposes in both anonymous and/or personally identified formats with the requirement that some or all of Your Data will not be deleted in the future, then Your Data will continue to be stored, shared and used as you have agreed.
10. USAGE ANALYTICS
We use analytical tools to monitor aggregate usage of our Just In Case app by our population of users for internal purposes to help us deliver and improve our app to you. This may include cookie information, anonymized IP address information, location information, and usage or platform access information.
You agree that we may collect and use this information (and share it with our Service Providers) to assist us in our internal business operations.
11. COOKIES AND ANONYMOUS IDENTIFIERS
We use Google Analytics on our website to collect usage data, to analyse how users use the website. For more information about how to opt out of having your information used by Google Analytics, visit https://tools.google.com/dlpage/gaoptout/.
12. CHILDREN’S PRIVACY
The Just In Case app is intended for users who are 13 years of age and older. If we become aware that we have inadvertently received information relating to a child who is younger than 13, we will promptly delete that information from our records.
13. DATA PROTECTION AND CONFIDENTIALITY
a) In this clause 13, the following definitions apply:
i) Controller: as defined in the applicable Data Protection Legislation.
ii) Data Protection Legislation: up to but excluding 25 May 2018, the Data Protection Act 1998 and thereafter (i) unless and until the GDPR is no longer directly applicable in the UK, the GDPR and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the GDPR or the Data Protection Act 1998.
iii) GDPR: General Data Protection Regulation ((EU) 2016/679).
iv) Personal Data: as defined in the applicable Data Protection Legislation.
v) Personal Data Breach: as defined in the applicable Data Protection Legislation.
vi) processing: as defined in the applicable Data Protection Legislation (and related terms such as process have corresponding meanings).
vii) Processor: as defined in the applicable Data Protection Legislation.
viii) Transfer Safeguards: means safeguards that are recognised under the Data Protection Legislation for permitting the transfer of Personal Data outside of the European Economic Area.
b) You and MGM Psychology Ltd will comply with all applicable requirements of the Data Protection Legislation and all relevant Codes of Practice and other guidelines issued by the Office of the Information Commissioner in respect of the Personal Data which is processed via, or is caused to be processed by MGM Psychology Ltd in MGM Psychology Ltd providing its products and services. Our Privacy Notice (available at https://www.myjustincaseapp.com/privacy-policy/) applies to our processing of Personal Data. This clause 13 is in addition to, and does not relieve, your or MGM Psychology Ltd’s obligations under the Data Protection Legislation and other guidelines issued by the Office of the Information Commissioner.
c) Without limitation to clause 13(b), it is MGM Psychology Ltd’s policy to follow the Code of Practice for information management systems set out in ISO/ICE 27001.
d) MGM Psychology Ltd may engage third-party Processors to carry out any processing activities in respect of the Personal Data that it processes as part of providing the MGM Psychology Ltd products and services, and MGM Psychology Ltd shall notify you of any such third-party Processors by posting details on MGM Psychology Ltd’s website and/or by including relevant details in the Privacy Notice. MGM Psychology Ltd confirms that it has entered into or (as the case may be) will enter into with the third-party Processor a written agreement incorporating terms which are substantially similar to those set out in this clause 13. As between the MGM Psychology Ltd and you, MGM Psychology Ltd shall remain fully liable for all acts or omissions of any third-party Processor appointed by it.
e) To the extent that MGM Psychology Ltd is ever acting as a Processor in processing the Personal Data as part of the MGM Psychology Ltd products and services on your behalf with you acting as a Controller, MGM Psychology Ltd shall:
i) process that Personal Data only on your written instructions (and you hereby instruct MGM Psychology Ltd to process the Personal Data you supply in order to provide you with the MGM Psychology Ltd products and services) unless MGM Psychology Ltd is otherwise required by the laws of any member of the European Union or by the laws of the European Union applicable to MGM Psychology Ltd to process Personal Data (Applicable Laws). Where the MGM Psychology Ltd is relying on Applicable Laws as the basis for processing the Personal Data, MGM Psychology Ltd shall notify you of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit MGM Psychology Ltd from so notifying you;
ii) ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of the Personal Data and against accidental loss or destruction of, or damage to, the Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting the Personal Data, ensuring confidentiality, integrity, availability and resilience of systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted);
iii) ensure that all of MGM Psychology Ltd’s personnel who have access to and/or process the Personal Data are obliged to keep the Personal Data confidential;
iv) only transfer the Personal Data to any country outside the European Economic Area if Transfer Safeguards are in place for such transfer (to the extent required by Data Protection Legislation);
v) notify you without undue delay on becoming aware of a Personal Data Breach;
vi) at your written direction, delete or return the Personal Data and copies thereof to you on termination of these Terms and Conditions unless MGM Psychology Ltd is required by Applicable Law to store the Personal Data, but MGM Psychology Ltd shall not be required under this clause to delete Personal Data (including from backup copies), which has been stored in accordance with any retention periods set out in MGM Psychology Ltd’s retention policy, where to do so would not be technically reasonable having regard to all the circumstances; and
vii) maintain, in accordance with Data Protection Legislation binding on MGM Psychology, written records of all categories of processing activities carried out by MGM Psychology Ltd on your behalf.
f) All information shared between the parties, or otherwise accessed, in relation to these Terms and Conditions shall be held confidential by the other party.