Download

Privacy Policy

TapSOS Privacy Policy

1. Keeping your data safe

1.1 We are committed to keeping your personal data safe and secure and handling it in accordance with our legal obligations. This Privacy Policy sets out in detail the purposes for which we process your personal data, who we share it with, what rights you have in relation to that data and everything else we think it’s important for you to know.

2. Who’s in control of my personal data?

2.1 The TapSOS website and app are run by Inclutech Limited (we, us, our). We are the “controller” of the personal data that we collect and process for the purposes of providing TapSOS and for any other purposes set out in this Privacy Policy. This means that we are responsible for deciding how and why your data is used and for ensuring that your data is handled legally and safely.

3. What data do you collect and where from?

3.1 We collect the following personal data from you when you set up an account with the app (Account Information):

3.1.1. your email address; and

3.1.2 a password.

3.2 Once you have set up an account, we collect the following personal data to enable you to set up your profile (Profile Information):

3.2.1 Your full name;

3.2.2 date of birth;

3.2.3 sex;

3.2.4 Mobile number; and

3.2.5 Home address.

3.3 Our app will also ask you to input medical information, such as your blood type, whether you are an organ donor, any medication you are on and any disabilities you have, for example if you are Deaf (Medical Information). This information is collected to be passed on to the emergency services as they need it to handle the situation appropriately. It can also assist emergency responders at the scene if you are unable to give them this information.

3.4 When you create an alert, you will be asked to confirm your location, select which service you require, select the appropriate icon(s) to describe the incident and answer some questions about the situation (Alert Information). This is information that we have to collect in accordance with 999 protocols. This information, together with your Medical Information, is then populated into a text message that is sent to a BT call handler to pass on to the 999 service. As with Medical Information, we do not see the content of any alert or text message.

3.5 Once an alert has been sent, we keep a record of the fact that an alert has been sent and the mobile number from which it was sent (Alert History).

3.6 If you sign up for our mailing list on our website, we will collect your name and email address.

3. 7 We will collect personal data from you if you contact us by post, email, telephone or social media with comments, queries or complaints. This will include your name, contact details and any other personal data you provide to us in your correspondence.

3.8 We use third-party tools to help us monitor and improve the performance, reliability, and security of our website and app. These tools may collect technical data such as your IP address, device type, operating system, error logs, and general usage patterns (for example, which screens you access and how long you spend on them). This information is used solely to support the operation and enhancement of our services and is not used to identify you personally. Any third parties processing this data on our behalf are contractually required to comply with data protection laws. Please see our Cookies Policy for more information.

4. What do you use my personal data for?

4.1 We use your Account Information and your Profile Information to:

4.1.1 set up, manage and administer your account and your profile;

4.1.2 log you into the app;

4.1.3 allow you to use all the features of the app that are available to you;

4.1.4 verify your identity and monitor account set-up;

4.1.5 pass your details onto the 999 service when you create an alert so that 999 can deal with the alert appropriately; and

4.1.6 ensure that your account, your profile and your personal data are kept secure.

4.2 Alert Information and Medical Information is passed on to the emergency services together with your Profile Information so that the 999 service can identify you and deal appropriately with the situation.

4.3 If you misuse our app in any way (for example by making hoax alerts to 999), we will monitor your usage of the app and we may be asked to pass on your details to the police and/or to investigate your app usage further. If we are satisfied that we are legally allowed to pass your details on we will do so. This could result in 999 blocking or barring your number as a result of illegal activity (this is a decision made by 999 and not by us).

4.4 We use your mobile number to register you with BT’s emergencySMS service. This is required to enable you to use TapSOS.

4.5 We use your email address to contact you occasionally with service messages about TapSOS, for example to provide you with password reminders.

4.6 We store your Alert History to ensure that we have a record of the alerts created through the app and for our own record-keeping and audit purposes.

4.7 We use information you voluntarily provide to us when contacting us with queries, comments or complaints to enable us to respond to those queries, complaints or comments and to make sure that these are appropriately dealt with.

4.8 We use your personal data, including the technical data that we collect, to help us monitor, analyse and improve TapSOS to ensure that we are providing you with the best possible service.

5. Marketing

5.1 We will use your name and email address to send you marketing communications in the following circumstances:

5.1.1 if you proactively sign up to our mailing list on our website; and/or

5.1.2 when you sign up for an account on our app.

5.2 If you sign up to receive information about our own products and services, we will send you newsletters and product updates from time to time. We also sometimes use other personal data we hold about you to decide if particular marketing is relevant to you. For example, if we present at an event that is aimed at the Deaf community, we will only send information about the event to you if you have told us that you are Deaf.

5.3 We never share your information with third parties for marketing purposes. However, we sometimes partner with other organisations to market their products and services on their behalf. If this is the case and you have signed up to receive this kind of marketing, we will use other information that we hold about you to make sure that the information we send you is relevant and useful to you. For example, if we partner with a hearing aid provider and you have told us that you are Deaf, we could send you marketing messages that include information about that provider’s products.

5.4 You can opt out of marketing at any time by clicking “unsubscribe” in any marketing communications. Please note that unsubscribing from marketing of our own products and services will not unsubscribe you from marketing about third party products and services, and vice versa. If you want to unsubscribe from all marketing, you will need to opt out of both types of marketing.

6. What happens if I don’t provide my personal data?

6.1 If you do not provide the personal data that we request, you will not be able to set up an account with us or use TapSOS.

7. What is your legal basis for using my personal data?

7.1 Data protection law says that we have to tell you the “legal basis” that we rely on to process your personal data for the purposes that we have notified to you. The “legal basis” is our lawful justification for processing your personal data. We process personal data because it is in our “legitimate interests” to do so, you should note that you have a right to object to us processing your personal data for those purposes. However, this is a limited right and we will not need to comply with your request if we have compelling legitimate grounds to continue processing your personal data for those purposes. You should also be aware that if we stop processing your personal data for those purposes, you will not be able to use TapSOS for its intended purposes.

Purpose: Running Your Account

  • Legal Basis: We process this personal data to perform our contract with you, allowing access and use of TapSOS, including contacting you with service messages and registering you with emergencySMS.

 Purpose: Sending Alerts to 999

  • Legal Basis: This processing is necessary to perform our contract with you, allowing TapSOS to send alerts to 999 via BT call handlers, providing all required information for alert handling.

Purpose: Providing Information to Emergency Responders

  • Legal Basis: We process this data on the basis of legitimate interests of us, you, and the 999 service. It ensures safety and welfare, allowing emergency responders to obtain key information if you cannot provide it, so they can act appropriately during emergencies.

 Purpose: Record-Keeping and Audit

  • Legal Basis: This processing is based on legitimate interests to ensure accurate records of app activity, maintaining logs of usage, and handling queries or issues related to previous alerts effectively.

 Purpose: Marketing Our Products and Services

  • Legal Basis: Processed under legitimate interests to promote our app and business. You can opt out of marketing communications anytime by clicking “unsubscribe.”

Purpose: Marketing Third-Party Products

  • Legal Basis: Based on your consent, obtained when you sign up for third-party marketing. Consent can be withdrawn anytime via “unsubscribe.”

Purpose: Responding to Correspondence

  • Legal Basis: This processing is based on legitimate interests to ensure correspondence, comments, and queries are handled effectively, preserving our business reputation and improving our services.

Purpose: Improving Our Services

  • Legal Basis: Necessary for our legitimate interests in continually enhancing our app and website, providing the best and most effective service possible.

8. Special category personal data

8.1 Medical Information and Alert Information both contain “special category personal data”. This is personal data that is more sensitive, such as health information, and therefore requires a higher level of protection under data protection law.

8.2 Alert Information and Medical Information is collected because this is necessary in your, or someone else’s, vital interests. Our app is intended for use in emergency situations when life or health is in danger. This information therefore needs to be collected to allow the 999 service to respond appropriately to the emergency and to preserve life or health.

 

9. Who do you share my personal data with?

9.1 We only share your personal data with third parties when it is necessary to deliver our      services or to meet legal obligations. These include the following circumstances:

9.1.1 We share your mobile number with BT to register you with BT’s emergencySMS service. This is a requirement to enable you to use TapSOS.

9.1.2 Some of our trusted third-party suppliers help us operate, support, or host our website      and mobile app. While these suppliers may process or store aspects of the technical data generated through your use of our services (such as logs or system metadata), they do not typically access your personal data and are not able to identify you from the information they process.

9.1.3 The only third parties who may handle personal data (under our instruction) are:

(a)  our website and app development provider (in limited support contexts); and

(b) our hosting provider, Amazon Web Services (AWS), which stores your data securely on servers located within the UK.

We have strong contractual agreements in place with these suppliers to ensure they handle any data safely, securely, and in compliance with data protection legislation. Where personal data is involved, these suppliers act only on our instructions and are not permitted to use the data for their own purposes.

9.2 When you create an alert, the alert (including the relevant Alert Information and Medical Information) is sent to a BT call handler, who forwards it to the appropriate 999 service to dispatch emergency responders. The BT call handler and emergency services will be able to view this information, along with the fact that the alert was generated by a TapSOS user, to help them respond effectively. As previously noted, we (TapSOS) do not access or store this Alert or Medical Information ourselves.

Emergency responders may also access this information directly from your device if needed at the scene and you are unable to communicate it yourself.

9.3 We will also share your personal data with third parties in the following circumstances:

9.3.1 Where you have given specific consent to do so;

9.3.2 Where required or permitted by law, or to protect our rights or the rights of others;

9.3.3 If TapSOS or part of its business is acquired, in which case your data may be transferred to the new owner under the same protections.

9.4 We do not currently transfer your personal data outside of the UK or European Economic Area (EEA). If this ever becomes necessary, we will inform you and ensure appropriate safeguards are in place to protect your data in line with UK data protection laws.

 

10. How long do you keep my personal data for?

10.1 We will keep your Account Information and your Profile Information for as long as your account remains open. You can close your account at any time by contacting us in accordance with the process set out in our Terms and Conditions. Once your account has been closed, we will erase your Account Information and Profile Information, unless we need to keep this data in order to respond to any complaints or claims that you make (in which case we will only keep the data for as long as we need to in order to fulfil those purposes).

10.2 We will retain Alert History for 7 years from the date of the relevant alert.

10.3 We will keep records of any correspondence that we have with you for 7 years from the date of the relevant correspondence.

10.4 If you have signed up to our mailing list, we will keep your name and email address until you unsubscribe. When you close your account, we will give you the option to unsubscribe from our mailing lists.

11. What rights do I have?

11.1 You have a number of rights under data protection law. These rights and how you can exercise them are set out in this section. We will normally need to ask you for proof of your identity before we can respond to a request to exercise any of the rights in this section and we may need to ask you for more information, for example to help us to locate the personal data that your request relates to.

11.2 We will respond to any requests to exercise your rights as soon as we can and in any event within one month of receiving your request and any necessary proof of identity or further information. If your request is particularly difficult or complex, or if you have made a large volume of requests, we may take up to three months to respond. If this is the case, we will let you know as soon as we can and explain why we need to take longer to respond.

11.3 If you want to exercise any of these rights, please email us at mydata@18.171.191.214 

11.4 A right to access your information

11.4.1 You have a right to ask us to send you a copy of all the personal data that we hold about you (subject to some exceptions).

11.5 A right to an electronic copy of your information

11.5.1 You can also ask us to send you the Account Information and Profile Information we hold about you in a common electronic format, or to ask us to transfer that data to a third party if you want us to and if it is technically feasible for us to do so.

11.6 A right to object to us processing your information

11.6.1 You have a right to object to us processing any personal data that we process where we are relying on legitimate interests as the legal basis of our processing. If we have compelling legitimate grounds to carry on processing your personal data, we will be able to continue to do so.

11.7 A right to ask us not to market to you

11.7.1 You can ask us not to send you direct marketing. You can do this by following the “unsubscribe” instructions in any marketing emails.

11.8 A right to have inaccurate data corrected

11.8.1 You have a right to ask us to correct inaccurate data that we hold about you. If we are satisfied that the new data you have provided is accurate, we will correct your personal data as soon as possible.

11.8.2 You can update your own Account Information, Profile Information and Medical Information at any time through your account settings. It is your responsibility to ensure that your personal data is accurate and up-to-date.

11.9 A right to have your data erased

11.9.1 You have a right to ask us to delete your personal data in certain circumstances, for example if we have processed your data unlawfully or if we no longer need the data for the purposes set out in this Privacy Policy.

11.9.2 We will delete the personal data associated with your account as set out under “How long do we keep your data for?” above. Remember that you can close your account at any time.

11.10 A right to have processing of your data restricted

11.10.1 You can ask us to restrict processing of your personal data in some circumstances, for example if you think the personal data is inaccurate and we need to verify its accuracy, or if we no longer need the data but you require us to keep it so that you can exercise your own legal rights.

11.10.2 Restricting your personal data means that we only store your personal data and don’t carry out any further processing on it unless you consent or we need to process the data to exercise a legal claim or to protect a third party or the public.

12. Do you use cookies?

12.1 Like most websites and apps, TapSOS uses cookies to improve performance. Please see our Cookies Policy for more information.

13. How can I contact you?

13.1 If you have any questions or concerns about this Privacy Policy and/or our processing of your personal data, you can contact us at mydata@18.171.191.214.

14. What if I have a complaint?

14.1 You have a right to complain to the Information Commissioner’s Officer (ICO), which regulates data protection compliance in the UK, if you are unhappy with how we have processed your personal data.

14.2 You can find out how to do this by visiting ico.org.uk.

15. What if this policy changes?

15.1 We may make changes to this Privacy Policy from time to time. Any changes we make will be posted on this page. We may also notify you by email if significant changes are made.