Insulia^® app data and privacy policy

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By using the Insulia App, requesting services from us and/or confirming your consent to the way we process data, you are accepting and consenting to the practices described in this policy.
This policy sets out the basis on which any personal data we collect from you, or that you (or others) provide to us, will be processed by us.
The data controller is Gateshead Health NHS Foundation Trust/Newcastle Gateshead Clinical Commissioning Group
Trust: Daren Rigg – Darren.rigg1@nhs.net
CCG: Sam Hood – samanthahood@nhs.net
The Insulia App is owned and operated by Voluntis SA of 58 Avenue de Wagram, 75017 Paris, France and is made availble under the Insulia App Terms of Use.

Sources of information

We collect and process information provided by:

you;
healthcare professionals and;
automatic transfer from a measurement device.

Information collected by the Insulia App

We will collect and process the following information:
All users:

name and surname;
e-mail address;
telephone number;
address/workplace;
connection/user ID; and
logs of system access and use.

Patient data:

name and surname;
gender;
e-mail address;
date of birth;
telephone number;
Insulia App licence activation and expiration dates;
identifiers relating to the Insulia App licence, smartphone and internet connection; and
health information including details of disease type and status, treatments and doses, blood analysis results (including HbA1c and glucose levels), patient weight and other information relevant to the use of the Insulia App.

Uses made of personal data (Authorised Processing)

The Insulia App uses the above information in order to:

generate suggested doses of insulin and educational coaching messages based on blood glucose values;
capture, store and transmit diabetes-related healthcare information, enhance data management, display reports and graphs to aid the patients and practitioners with the review, analysis, and evaluation of patient data in order to support effective diabetes management;
the information collected in the Insulia App will be retained for a period of 10 years following the last use of the app, in order to enable Voluntis to comply with its legal and regulatory obligations, and such historic information will only be used for those purposes; and
produce sets of anonymised data by removing information linking the information to identifiable individuals and combining the information with anonymised data from other users, such anonymised data may be used by Voluntis in order to improve the Insulia App and will be held with strict controls in place to ensure that the information cannot be used in order to identify individuals.

The legal basis for using your data

We rely upon the following grounds in order lawfully to process your personal data (including information relating to your health):

the processing is necessary for the purposes of preventative medicine, medical diagnosis, the provision of health care or treatment or the management of health care systems and services and/or pursuant to contract with a health professional; and those undertaking the processing are subject to a binding obligation of confidence in relation to that data;
As a patient have consented to the processing; and
As a professional the processing is being undertaken at your request pursuant to a contract under which you have been granted rights to use the Insulia App.

Recipients of information

The personal data contained in the above information will be used and shared in the following manner: