Digital Care Planning Limited takes the privacy and security of your personal information very seriously.
We want you to be confident that the information you enter into our site is safe, confidential and secure. In this Privacy Notice we try to explain clearly what information we may collect about you, why we collect it and how we use it.
data controller, Digital Care Planning (“we”, “us”, “our”)
amberplans.com and our related Amber Care Plans chatbot application facebook.com/ambercareplans/ (the “site”)
users of our site and service (“you”, “your”)
We will publish changes on this page at which time they come into force. When the changes are significant, we will message you with the new details and get your consent to make these changes where we are required to do so by law. As a user of this site you should make sure that you are aware of changes published on this page.
As part of visiting and using our site you will need to set up an account and provide the following personal information so that you can create your advance care plan:
An email address
Your IP address and its location, browser type, browsing activity on our site and mobile device identifiers
Your full name, preferred name, date of birth, gender
Contact information for yourself including your address, postcode, email address, phone number
In addition, when you decide to fill out an advance care plan you are asked for further details including some sensitive personal information. This may include information about your:
current state of health and and any illnesses
priorities and preferences for the place of care and provision of medical treatment
religious beliefs, spiritual or cultural preferences
routines, interests, values and what is important to you
dietary requirements, allergies and intolerances
choices regarding an Advance Decision to Refuse Treatment.
Contact information for any emergency contacts or LPA’s including their full name, email address, phone number
You decide what information to input into your advance care plan and who you want to share it with. You are free to edit and update your information at any time.
Creating an advance care plan
We collect your personal information so that we can help you register on our site and begin creating your advance care plan.
Completing an advance care plan
We collect your sensitive personal information so that you can use our site to create your advance care plan in full. This means you can record and share your wishes and preferences for health care when you are happy with your plan.
Research and analysis of anonymised information
We use anonymised information collected in your care plan to help us analyse and understand what prompts people to make plans, and also how wishes vary across the population. We make sure it is anonymised first, then it is aggregated with other users' anonymised data.
For example, this means we can look at how many people over 65 (using the site) start but never finish the Refusing Treatments section, but not which individuals do so. This data is used by authorised Digital Care Planning Limited employees to improve the product.
Occasionally, authorised researchers that we partner with may also use this anonymised and aggregated information. For example, they may analyse how many people prefer hospital care instead of hospice care, to better understand and then predict what impact it might have on the NHS and other health services, or understand changes in the cost of care.
This research may be shared with 3rd parties as we see fit.
It is a reasonable expectation of using our site that we collect and may use your personal information to contact you by email to:
welcome you to our site and provide guidance on how to access the site or reset your password
send you an annual reminder to review your advance care plan and confirm that your details are still valid and up to date
notify you of any changes or improvements that relate to your advance care plan, the service, security and terms and conditions that affect your use of our site
respond to any communications or emails you have directed at us. We do this to ensure our replies to you are accurate and relevant. If we are unable to reach you by email, we may choose to contact you by the phone number you provided
if you choose to contact us via the Facebook Messenger service, we may respond using Facebook Messenger
Additional permission to contact you
If, when you registered on our site you have given us permission to do so, we will also send you regular emails to contact you with reminders, news, and tips relating to your advance care plan that may be of interest.
Occasionally, Digital Care Planning Ltd employees, or authorised researchers that we partner with may contact you to see if you agree to answer some research questions. It may be healthcare related research or questions about your experience using the service. Researchers will only use anonymised data in order to improve the service and they can only use the information for the purposes outlined in this Privacy Notice.
Personal details of your contacts
We collect and may use your IP address, email address, browser type and mobile device identifier to investigate and ensure your security when using the site.
Employees of Digital Care Planning Limited
Employees of Digital Care Planning Limited or its authorised subcontractors may need access to your site username, and the content you have entered into our site in order to perform their functions. For example, this may include making improvements to the site security or to respond to any communications or emails you have sent to us.
Occasionally, authorised researchers that we partner with may access anonymised and aggregated information from the site. For example, they may analyse how many people prefer hospital care instead of hospice care, in order to improve the site or better understand and predict what impact it might have on the NHS and other health services.
Government or state bodies
We may also disclose your personal information in order to comply with our legal or regulatory obligations. This may include if we are required or permitted to do so by law, any court or any other applicable regulatory, compliance, governmental or law enforcement agency, or in response to a non-mandatory request for information made by a governmental or state body.
Your GP and related healthcare workers
When your plan is complete you will also have the opportunity to share it with your GP and contacts of your choice, such as a family member or close friend. Choosing to send your plan to a GP means we will share you personal information with your GP’s IT provider, and with related healthcare workers that have access to those systems.
If Digital Care Planning Limited is sold or transferred
You should note that if our business and site (or any part of it) is sold or transferred at any time, the personal information you have provided that we hold may form part of the assets transferred although it will still only be used in accordance with this Privacy Notice.
In this section we explain why the collection and use of your personal and sensitive information is necessary. It’s important you understand the purpose, so that you can be confident we take good care of your personal information and that it is processed in line with data protection laws.
Our lawful basis for processing your personal and sensitive information is:
Legitimate Interests - We will use and process your personal information where we have legitimate business grounds for doing so. These interests are reasonable in accordance with your personal interests as a user of the site.
Privacy laws define a concept of "legitimate interests" as a justification for processing your personal information. Our legitimate interests for processing your personal information are:
to enable you to access, register and use our site to create your individual advance care plan including your wishes and preferences for healthcare. For example, when you register on our site, we will use your personal information for the purpose of welcoming you to our site and enabling you to begin creating your plan
to contact you. For example, to notify you of any changes or improvements that relate to your advance care plan, the service, security and terms and conditions that affect your use of our site
to improve our site for you and others. We may use anonymised and aggregated information taken from your use of the site that is combined with other users’ anonymised information, for the purpose of helping us improve the site and service. It will not be possible to identify you from this information.
Consent - We will only collect and process your sensitive personal information if you have consented for us to do so. We need your consent to ensure:
that your sensitive personal information (such as your religion and health) can be securely stored and used for the purpose of you recording your individual wishes and preferences for healthcare in your plan
that when you complete your plan and are happy with it, we can use your sensitive personal information for the purpose of sharing your plan with your GP and healthcare workers that work with your GP, so that they are accurately informed of your wishes and preferences.
Unless you have given us specific permission to do so, this won't include marketing emails with updates, reminders, tips and insights relating to your advance care plan that may be of interest.
As of May 25th 2018, you will have the right to object to our use of your personal information for these legitimate interests and the freedom to withdraw your consent to our use of your sensitive personal information. If you want to withdraw your consent and delete your account, or withdraw your consent to be contacted by us, please email firstname.lastname@example.org or read the section regards managing your account and updating your permissions.
Our site does not knowingly collect or use any personal information about children under the age of 18. If you are aged under 18 and wish to use our site you should ask your parent or guardian’s permission before you provide any personal information to us.
When you enter your information into our site, we share your information securely with some third party IT services to:
Provide our site and your advance care plan over the internet
contact you by email with relevant information
analyse the usage of the site to help improve our site and service
share your plan with the NHS and healthcare professionals at the appropriate time
These IT services are known as data processors of your personal information. This section explains which services we share information with, examples of what we share and why we use them:
Amazon Web Services is used to provide our site that allows you to create and share your advance care plan. For example, it processes the personal information you provide in secure, encrypted databases when we collect and store your details
Amazon Quicksight, Google Analytics, Google Tag Manager, Google Ads are used to anonymously analyse your usage of the site to help improve our service. For example, they process your IP address and the sections you have completed on your plan, but not the content or personal information you enter that can be used to identify you
Intercom is used to contact you by email with relevant information about the site and account security. For example, it processes personal data like your IP address, email address, name and the sections (but not the content or personal information you enter) that you have completed on your plan
Google Dialogflow, Facebook are used to enable you to create your advance care plan securely via the Amber Care Plans chatbot. For example, they process the information that you type or speak in your response to questions. This means that the chatbot can intelligently learn to provide more relevant and helpful responses to your questions that are then stored securely on amberplans.com
Sentry is used to monitor our site for problems and errors. For example, they process your IP address and browser to alert us if the site goes down, helping us provide you with the correct explanation and to improve our site and service.
Docmail is used to print and post your plan, if you have requested the print and post service. If you request a plan be printed and posted, we send the name and address of the recipient to Docmail so that it can add it to an envelope and keep a copy of the order. We also send a pdf of the plan to the Docmail servers so it can print and post the plan as requested.
Our IT service partners are not permitted to use your personal information for their own marketing purposes unless you have consented to receive marketing from them on another site.
The security of your information is important to us and we store and process your personal information in accordance with the standards recommended by the Information Commissioner's Office and required under data protection legislation.
The personal information you provide on our site is stored inside secure, encrypted databases in London and Ireland that are provided by Amazon Web Services. Our site is provided via an encrypted SSL connection.
The transmission of any information via the internet is inherently not completely secure. Although we will do all we can to protect your personal information when we have received it, we cannot absolutely guarantee the security of your data transmitted to our site; any transmission is at your own risk.
In some instances your personal information may be transferred to and stored in countries outside of your home country or the European Economic Area ("EEA"). For example, your information may be processed by some of our IT service providers which operate outside the EEA.
Different countries have different data protection and security laws and some of these do not offer the same level of protection as you are provided under UK data protection legislation. When we select our IT service providers (which includes some based in the USA) to help us provide our site and services to you, we take care to ensure that they have adequate safeguards and appropriate security measures in place.
The following IT services that your information may be transferred to when our site processes your information are based in the USA: Google Dialogflow, Google Analytics, Google Tag Manager, Google Ads, Facebook, Sentry. Some of these companies are participants of the Privacy Shield that provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the EU to the USA.
By using our site you consent to us transferring your information to countries or jurisdictions that do not offer the same level of protection as you are provided under UK data protection legislation. Regardless of which country your information is transferred to, it will be protected in line with this privacy notice and secured using best practice technical security.
If we process personal information about you, then you have the following rights under data protection law:
right to be informed how we process your personal information, including any automated decision making or profiling
right to request to access your personal information free of charge and receive it within one month. We will use reasonable means (such as asking for a form of ID) to verify you are who you say you are, before sending any personal information to you
right to correct your personal information if it is inaccurate or incomplete
right to erase your personal information by requesting that is deleted or removed from our site
right to restrict our use of your information or block us from using your personal information or limit the way in which we can use it
right to data portability of your plan in either a secure digital json, .csv or paper format
right to withdraw your consent at any time.
If you would like to:
access, correct or delete your personal information
register a complaint
request more information
please contact our Privacy Compliance Officer at email@example.com or write by post to:
Digital Care Planning Limited
[Re: Privacy Compliance Officer] 52 Princes Gate, Exhibition Road, London, LND, SW7 2PG, United Kingdom
Please state your full name, the date, the email address you registered with and the name of this site ‘Amber Care Plans’ clearly on all communications. We may ask for a form of ID to verify you are who you say you are, before sending any personal information to you.
We recommend that any requests are put in writing so that we both have a record of the communication. However you may also contact us verbally if you are unable to send your request in writing, we will log your verbal contact on our system for your response.
If you're not satisfied with the way we handle any complaint you make in relation to your personal information, you may be able to refer your complaint to the relevant data protection regulator. In the UK, this is the Information Commissioner's Office.
If you wish to update your details and permissions at any time, you can use the My Account area on our site. If you don't want to be contacted by us anymore you can also email firstname.lastname@example.org
Type of record
‘Adult health records not covered by any other section in the schedule’. The standard retention period for this type of record is 8 years based on the last time you accessed amberplans.com. It is a reasonable expectation and legitimate interest that whilst your account is active, we will contact you annually from the point in time that you created your account to remind you to review and ensure that your care plan is accurate and up to date.
If you do not access your account for 8 years after creating an account, we will extend the retention period and maintain your account with the reasonable expectation and legitimate interest that you are still alive and happy with the content of your advance care plan. This is in accordance with your original intent to create an advance care plan for the purpose of end of life care.
If you wish to delete your account and the personal data that you have created, you can do so either using the My Account area or send an email request (using the same email address you registered with) to email@example.com. Your request will be actioned within 7 business days.
If you delete your account and your personal information, it will exist on our backup in an archived state for legal and regulatory purposes.