Last updated: 13th July 2020
medCrowd is controlled and operated by medDigital Limited ("medDigital", "we", "us", "our"). We are a company registered in England and Wales with the company registration number 06453053. Our registered office is GG.430, Metal Box Factory, 30 Great Guildford Street, London SE1 0HS. We are registered with the UK Information Commissioner's Office as a data controller with registration Z1263667.
The legal basis for processing your personal data is the consent you give when you join medCrowd.
We treat all our Members equally, irrespective of which country they reside in. As a UK company, we adhere to the European General Data Protection Regulation (GDPR).
The GDPR provides you the following rights:
1medCrowd allows you to assert these rights using the settings available within medCrowd.
If you are unable or unwilling to assert these rights using the tools provided in medCrowd, please email us at privacy@medCrowd.com and we'll ensure your rights are respected and actioned. We won't charge a fee for doing so, but we will have to take steps to verify your identity before actioning your request.
There are two types of cookie you will encounter when using medCrowd:
First party cookies:
|medCrowd||A session identifier to keep track of your session so medCrowd knows you are a logged in member. This cookie does not store any personal data.||A sequence of random alphanumeric characters||When you close your browser or after 1 hour of inactivity|
|XSRF-TOKEN||A mechanism to protect medCrowd and members from cross-site request forgery. This cookie does not store any personal data.||A sequence of random alphanumeric characters||After 1 hour of inactivity|
|dismissBrowserWarning||So we can remember that you have asked not be shown the "Please ensure you are using the latest version of a supported browser" warning message. This cookie does not store any personal data.||1 (meaning true)||When you close your browser|
|dismissAppReminder||So we can remember that you have asked not to be shown the "Get the App" popup message. This cookie does not store any personal data.||1 (meaning true)||3 months|
Third party cookies:
|We use Pusher infrastructure to send a signal to your device when new content is created that may impact what you are currently seeing in medCrowd. This allows your device to request that content and update the user interface without you having to manually refresh.||Pusher Privacy|
If you wish to restrict or block the cookies which are set by medCrowd, you can do this through your browser settings. The ‘Help’ function within your browser should tell you how.
We may collect, store or accumulate certain non-personal data such as information regarding how visitors found medCrowd, which of our pages are most popular, and how people navigate through medCrowd to help us improve the user experience and for general administration.
We collect personal information from persons who register to be medCrowd members.
The type of information that we collect from you if you choose to register as a Member includes: your name, a photo, the name of your organisation, email address(es), mobile number(s), role, specialisms and career grade.
We may also record additional personal data that you provide to us as a result of your use of medCrowd. This includes, for example, information you provide when applying to join a team, participate in a paid conversation, when sending us an email enquiry and in the general provision of services.
You may be given the opportunity to submit information about other people for the purposes of, for example, sharing medical expertise. You must obtain permission from such other people before you submit their information to us.
You must respect patients' confidentiality and comply at all times with all applicable laws as well as the regulations and guidance governing your healthcare profession in the country where you are located (for example, for UK-based users there is specific guidance from the GMC on this issue). Insofar as you do wish to use a patient's personal circumstances within any context on medCrowd, you must either: (a) ensure that there is no way that the patient could possibly be identified from the details that you have provided; or (b) you must have clear and unambiguous authority to disclose those details;
We collect and process information so we are able to:
When you use medCrowd, we collect limited, anonymous data. Our servers will record your browser and operating environment, date and time, the page you accessed, and any referring page. We use this information to generate statistics, analyse navigational patterns and measure activity so we can improve medCrowd.
If you become a medCrowd member, we will additionally keep a record of the IP addresses and types of browsers/devices that you use when accessing medCrowd. We use this information to warn you if we detect usage of your medCrowd account on a device or at a location not normally used by you. This information will be used for no purpose other than maintaining the security of your account.
If you become a medCrowd member, we will additionally log the activities that you perform on medCrowd to maintain an audit trail to comply with healthcare legislation. This information will be used for no other purpose.
Limited personal information (name, photo, country, role, specialism(s), organisation & career grade) is available to all medCrowd members as your profile.
If you choose to apply to join a team or participate in a paid conversation, we will ask for additional information which will be disclosed to the owners of those resources to allow them to make an informed decision whether to accept or reject your application and to manage your membership of those resources including, for example, making payments to you.
If you connect a third party application to medCrowd (for example, using 'Login with medCrowd' on a third party application), we will disclose limited information to them so they can provide you with the services that you have requested. We'll make it clear what information will be disclosed and ask for your consent before doing so. You can revoke that consent at any time by removing the application using the tools provided within medCrowd.
We may use third parties to perform functions such as hosting or payment processing on our behalf. Such third parties may be provided with access to your information if needed to perform their specific functions, but they may not use the information for any other purpose. These third parties will be EU entities that must comply with the GDPR or US entities who are registered with the Privacy Shield framework.
We may disclose your information to third parties where necessary to comply with applicable laws and regulations, where there is a complaint relating your use of the medCrowd and/or for the purposes of obtaining professional advice (for example, legal advice).
We may sell, share or otherwise transfer information about visitors to medCrowd in an anonymous or aggregate form with third parties including advertisers, business partners, and sponsors, for the purposes of, without limitation, understanding customer trends and patterns and managing and improving our business relationships.
It is possible that medDigital could merge with or be acquired by another business or that the operation of medCrowd will be transferred or sub-contracted to another legal entity. To the extent legally permissible, we may share with, or otherwise transfer your information to, the resulting legal entity.
medCrowd may contain links to websites. Please be aware that we are not responsible for, and have no control over, the privacy practices of other websites. Please refer to their own privacy policies for more information.
In addition, we may sometimes provide content on medCrowd that is sponsored by, or co-branded with, third parties (for example, surveys). Depending on the circumstances, your participation in any such sponsored and/or co-branded activities may involve you volunteering your personal information to the relevant third party. We are not responsible for the collection and/or use of your personal information by any such third parties.
We have taken appropriate technical and organisational measures to protect the personal information that we collect against unauthorised or unlawful processing as well as against accidental loss, destruction or damage.
We will continue to maintain and improve these measures over time in line with legal and technological developments. Please note, however, that no data transmission over the internet can be guaranteed as totally secure.