Here at Dama Health Limited ("Dama Health," “we,” “us,” “our”), we deeply respect your privacy and are committed to keeping your personal data confidential. We thank you for accessing our technology Platform (the “Platform”), whether through app.damahealth.com (the “Website”) or through our App. Dama Health is focused on improving Women’s Health by providing clinical decision support software to your health care providers to support shared decision-making regarding contraception (collectively the “Services”).
This Privacy Policy applies to users of the Platform, whether the Platform is accessed through the Website or the App, and describes:
This Policy is not applicable to any information collected offline, through email or other electronic message, or through third-party websites or services that you may access through the Platform (“Third Party Services”). If you choose to share Personal Information with Third Party Services, you should review the Privacy Policies and Terms of Use for those Third Party Services.
Please read this Privacy Policy carefully. If you don’t agree with this Privacy Policy, do not use our Platform. By accessing or using our Platform, you agree that you have read this Privacy Policy and that you understand, and consent to be bound by, the terms and conditions herein.
If you have not done so already, please also review our Terms of Use. The Terms of Use contain provisions that limit our liability to you.
We reserve the right to amend this Privacy Policy at any time. Whenever possible, we will provide you with advance written notice of our changes to this Privacy Policy. We will not make retroactive changes that reduce your privacy rights unless we are legally required to do so. Your continued use of our Platform after we make changes shall constitute your acceptance of those changes, so please check this Privacy Policy periodically for updates. The amended Privacy Policy supersedes all previous versions.
We collect the following information (“Personal Information”) that you provide directly to us when you use our Platform:
From time to time, Dama Health receives personal information about individuals from third parties. Typically, information collected from third parties will include further details on your employer or industry. We may also collect your personal data from a third-party website (e.g. LinkedIn).
As is true of most other websites, Dama Health’s Website collects certain information automatically and stores it in log files. The information may include internet protocol (“IP”) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of the Website, including a history of the pages you view.
A cookie is a small piece of data sent from a website and stored on your computer by your web browser. Cookies contain information about your computer, such as a user ID, user settings, browsing history and activities conducted while using the Services. Cookies are not themselves personally identifiable, but may be linked to Personal Information. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the “lifetime” of the cookie (i.e., when it expires) and a randomly generated unique number or similar identifier.
The file is added once you agree to store cookies on your computer or device, and the cookie helps analyze web traffic or lets you know when you visit a particular site. Cookies allow sites to respond to you as an individual. The Platform can also tailor its operations to your needs, likes, and dislikes by gathering and remembering information about your preferences. We use other cookies and other data collection tools (such as web beacons and server logs), which we collectively refer to as “data collection tools,” to help improve your experience with the Platform. For example, data collection tools help us remember users and make the Platform content or interface more relevant to them.
Specifically, the Platform may use cookies to:
Overall, cookies help us provide you with a better Platform experience, by enabling us to monitor which pages you find useful and which you do not.
You can accept or decline cookies. Most web browsers automatically accept cookies, but you can modify your browser setting to decline cookies if you prefer. To find out more about cookies, including how to manage and delete cookies, visit www.allaboutcookies.org. Some web browsers (including some mobile web browsers) provide settings that allow a user to reject cookies or to alert a user when a cookie is placed on the user’s computer, tablet or mobile device. Most mobile devices also offer settings to reject mobile device identifiers. Although users are not required to accept cookies or mobile device identifiers, blocking or rejecting them may prevent access to some features available through the Website or App.
Dama Health maintains a comprehensive cookie notice that describes the cookies and tracking technologies used on the Dama Health Platform and provides information on how users can accept or reject these technologies. To view the notice, just click cookie notice.
Dama Health processes your Personal Information for legitimate business purposes, the fulfillment of our Services to you, compliance with our legal obligations, and/or with your consent. We use Personal Information to:
We do not sell, share, or otherwise disclose your Personal Information for reasons other than those described in this Privacy Policy.
We disclose your Personal Information to a few third parties, including:
We may use your Personal Information to contact you with offers, promotions, and other marketing communications. We may also use cookies to provide relevant advertising or other communications or services. You may opt out of receiving these messages at any time by following the unsubscribe link within the applicable message or by contacting us at dpo@damahealth.com.
The website uses the following analytics program(s) to collect information about you and your behaviors: PostHog, Sentry
You can access, review and update or change your account information through our Platform. If you have any questions about how to access other Personal Information, or if you would like to correct or delete any Personal Information we collect and maintain, please contact us at dpo@damahealth.com. We will accommodate requests as required by law. Otherwise, we will retain a record of your request, and your Personal Information will be maintained in accordance with this Privacy Policy and our data retention and deletion policies (“Retention Policies”).
STORAGE:
We strive to use industry-standard data collection, storage, and processing practices and security measures to protect against any unauthorized access to, accidental loss of, or disclosure of your information. These safeguards may vary based on the sensitivity of the information that we collect and store.
We ensure that the information you provide to us is accessed and used in accordance with our security policies and procedures, or those agreed with our service providers. Everyone at Dama Health and any third-party service providers we may engage that process personal information on our behalf for the purposes listed above, are also contractually obligated to respect the confidentiality of your personal information.
Your Personal Information is stored by the Dama Health on its servers, and on the servers of the cloud-based database management services the Dama Health engages, located in the United States.
Dama Health has its headquarters in the United Kingdom, however your Personal Information is processed in the United States. By using Dama Health’s services, you acknowledge that your Personal Information will be processed in the United States and that you understand that the United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. Pursuant to Article 46 of the GDPR, Dama Health obtains appropriate safeguards by entering binding, standard data protection clauses, enforceable by data subjects in the EEA and the UK. These clauses have been enhanced based on the guidance of the European Data Protection Board, as updated from time-to-time.
Depending on the circumstance, Dama Health also collects and transfers to the U.S. personal data with consent; to perform a contract with you; or to fulfill a compelling legitimate interest of Dama Health in a manner that does not outweigh your rights and freedoms. Dama Health endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with Dama Health and the practices described in this Privacy Policy. Dama Health also enters into data processing agreements and model clauses with its vendors whenever feasible and appropriate. Since it was founded, Dama Health has received zero government requests for information.
For more information or if you have any questions, please contact us at dpo@damahealth.com
Unfortunately, no security method or combination of methods is foolproof. We will always strive to do our best and to work with third-party service providers that strive to do the same, but we cannot warrant or guarantee the absolute security of any Personal Information that may be transmitted to or from the Platform. There is no guarantee that Personal Information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. Therefore, any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Platform, or your computer or mobile device.
We are not responsible for any interception or interruption of any communications through the internet or for changes to or losses of data. You are responsible for maintaining the security of any password, user ID or other form of authentication involved in obtaining access to password protected or secure areas of our Platform. In order to protect you and your data, we may suspend your use of any of the Platform, without notice, pending an investigation, if any breach of security is suspected.
Please note that we will never send you an email requesting confidential information, such as account numbers, usernames, passwords, or Social Security Numbers.
In the event of a data or security breach, we will take the following actions: (i) promptly investigate the security incident, validate the root cause, and, where applicable, remediate any vulnerabilities within our control which may have given rise to the security incident; (ii) comply with laws and regulations directly applicable to us in connection with such security incident; (iii) as applicable, cooperate with any affected user or client in accordance with the terms of our contract with such user or client; and (iv) document and record actions taken by us in connection with the security incident and conduct a post-incident review of the circumstances related to the incident and actions/recommendations taken to prevent similar security incidents in the future. We will notify you of any data or security breaches as required by and in accordance with applicable law.
Dama Health retains your Personal Information for as long as it is legitimately necessary for us to provide you with the Services, and for us to comply with applicable laws. How long we will need to retain your information will vary depending on factors such as the lifetime of your device, your individual clinical needs, and, to the extent that your Personal Information is a medical record as defined by the laws where you live, the retention period for medical records.
After it is no longer necessary for us to retain your Personal Information, we dispose of it according to our Retention Policies. If you delete your account, we will delete your Personal Information in accordance with the Retention Policies.
The Platform is not intended to be accessed or used by children under the age of 13, and DAMA HEALTH does not knowingly or intentionally collect any Personal Information from children below the age of 13.
Parents/legal guardians have the right to review or ask us to delete their child’s personal information, as well as to refuse to permit us to further collect or use their child’s personal information. To do any of these, please contact us at dpo@damahealth.com with your request.
We may send communications, including emails, to you regarding your account or the Platform. You can choose to filter any account or Platform update emails within your email settings, but we do not provide an option for you to opt-out of these communications.
If you’d like to opt-out of receiving offers, promotions, and other marketing communications, you may do so by emailing dpo.
If you are a resident of the European Union, Dama Health would like to make sure you are aware of all your data protection rights. You are entitled to the following:
The right to access – You have the right to request Dama Health for copies of your Personal Information. We may charge you a small fee for this service.
The right to rectification – You have the right to request that Dama Health correct any Personal Information you believe is inaccurate. You also have the right to request Dama Health to complete the information you believe is incomplete.
The right to erasure (“Right to be Forgotten”) – You have the right to request that Dama Health erase your Personal Information, under certain conditions. This right will not apply when Dama Health is legally required to retain your Personal Information, including when your Personal Information is part of a medical record.
The right to restrict processing – You have the right to request that Dama Health restrict the processing of your Personal Information, under certain conditions.
The right to object to processing – You have the right to object to Dama Health’s processing of your Personal Information, under certain conditions.
The right to data portability (transfer) – You have the right to request that Dama Health transfer the data that we have collected to another organization, or directly to you, under certain conditions.
The right to withdraw consent – You have the right to withdraw your consent on using your Personal Information.
If you make a request, we have one month to respond to you.
Reasonable access to your Personal Information will be provided at no cost. If access cannot be provided within a reasonable time frame, Dama Health will provide you with a date when the Personal Information will be provided. If for some reason access is denied, Dama Health will provide you with an explanation as to why access has been denied.
If you’d like to receive additional information about our privacy practices, have questions, or would like to exercise any of your rights, please do not hesitate to contact us.
Email us at:
Or write to us:
If you live in the UK or the European Union at:
Dama Health Ltd.
Jump Accounting, Wework,
Queen Street, London, England, EC4R 1AP
Our Data Protection Officer is Will Daubney, who may be reached at dpo@damahealth.com.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. Should you wish to report a complaint, or if you feel that Dama Health has not addressed your concern in a satisfactory manner, you may contact:
If You are a Resident of the UK: The Information Commissioner’s Office, online at https://ico.org.uk/make-a-complaint/
If You are a Resident of the EU: Please contact the Data Protection Authority for your country: https://edpb.europa.eu/about-edpb/about-edpb/members_en