Last updated: 14 May 2021
TAVI Heart Team App has been built as a commercial application. This SERVICE is provided by William Redwood, Dr Christopher Allen, and other associated research fellows (collectively "the developers"), and is intended for use as-is. Hereafter, the developers may also be referred to as “We”, “Us”, "Our", "Me", "I".
This page is used to inform visitors regarding the policies with the collection, use, and disclosure of personal information for those who decide to use this service.
Information Collection and Use
For a better experience while using the service, users may be required to provide certain personally identifiable information, including, but not limited to, their full name, email address, profession, institution, and country of work.
Certain third-party services are also used, and they may collect information used to identify users. Their respective Privacy Policies may be found here:
nAnonymised Research Data
The application may also collect anonymised patient records should a user not opt-out (or opt-in) through the in-app settings after this onboarding process (About tab -> User profile). This would be collected for the purposes outlined below.
These will have the Patient ID randomised, and any ECG scan images removed, to reduce the chance of any records being recognised.
The collected data would be used for the following purposes:
- To correlate patient and device selection with real-world outcomes.
- To enable the identification and testing of novel risk variables or scores, to help improve the evaluation of patients undergoing consideration for TAVI/valve intervention.
Any information which is collected during the course of this research will be kept strictly confidential. The information we analyse for the results will be anonymous. The information will be kept for up to twelve months after the research has been completed, before being destroyed. Any data will be kept securely, as outlined in the "Security" section of this policy below. These steps mitigate any potential risks to user who opt-in.
If you opt-in to anonymised patient record collection, but later opt-out, the developers are not automatically notified. No further records are collected by the developers, but any previously-collected records may not be deleted. Should a user desire that previously-collected records are deleted, please contact us using the details at the bottom of this page.
Likewise, should a user have any questions regarding this, please feel free to contact us using the details at the bottom of this page.
The standard collected data may be used for the following purposes:
- To provide and maintain the service, including to monitor usage of the service.
Retention of collected data
Usage/log data will also be retained for internal analysis purposes. This data is generally retained for a shorter period of time, except when this data is required to strengthen the security or improve the functionality of the service, or if there is a legal obligation to retain this data for longer time periods.
All information is transmitted and stored using Firebase services, which have all, at the very least, successfully completed the ISO 27001 and SOC 1, SOC 2, and SOC 3 evaluation process.
Links to other sites
These Services do not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13 years of age. In the case that we discover that a child under 13 has provided us with personal information, this will be immediately deleted this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that this can be actioned accordingly.
Data subject rights
- The right to be informed; meaning anyone processing your personal data must make clear what they are processing, why, and who else the data may be passed to.
- The right of access; this is your right to see what data is held about you by a Data Controller.
- The right to rectification; the right to have your data corrected or amended if what is held is incorrect in some way.
- The right to erasure; under certain circumstances you can ask for your personal data to be deleted. This is also called ‘the Right to be Forgotten’. This would apply if the personal data is no longer required for the purposes it was collected for, or your consent for the processing of that data has been withdrawn, or the personal data has been unlawfully processed.
- The right to restrict processing; this gives the Data Subject the right to ask for a temporary halt to processing of personal data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected.
- The right to data portability; a Data Subject has the right to ask for any data supplied directly to the Data Controller by him or her, to be provided in a structured, commonly used, and machine-readable format.
- The right to object; the Data Subject has the right to object to further processing of their data which is inconsistent with the primary purpose for which it was collected, including profiling, automation, and direct marketing.
- Rights in relation to automated decision making and profiling; Data Subjects have the right not to be subject to a decision based solely on automated processing.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us as noted below.