Cerebria Privacy Notice
This privacy notice is effective as of the 6th March 2023
CEREBRIA is a company founded to improve the safety and treatment of patients using state of the art machine learning and artificial intelligence. Using computer algorithms, and multiple live inputs, we work hand-in-hand with physicians to provide a range of early warning and enhancement tools to reduce procedural risk and avoid complications. In providing this service, we are committed to maintaining your trust and confidence with respect to your privacy.
This privacy notice explains how we collect, use and share your personal data when you use our website and participate in our business activities.
1. About our privacy notice
2. Personal information we collect
3. How we use your personal data
4. How we share your personal data
5. How we store your personal data
6. Your data protection rights
7. How to contact us
1. About our privacy notice
This privacy notice applies to our website and business activities, that refer or link to this privacy notice (the “Services”). For the purposes of any data you provide, or that is collected by us for or in connection the Services, Cerebria Ltd will be the controller of your data.
It is important that you read this privacy notice so that you are fully aware of when and how we are collecting or processing your personal data, and why we are using your data.
Historic versions of our privacy notices can be obtained by contacting us at info@cerebria.ai.
2. Personal information we collect
We collect information about you in multiple ways directly from you, and through automated technologies.
Data collected from automated technologies
We store log files and use cookies. We use these technologies to collect and analyse technical information including:
IP address
Device type
Your operating system version
Your browser type and version
Referring and exiting pages and URLs
The number of clicks on a page
Pages viewed and the order of those pages
The amount of time spent on particular pages
Your web browser or device may offer settings that allow you to choose whether cookies are permitted. It may also offer you the chance to review and erase cookies (including cookies you receive from your use of the Services).
Please note that, if you limit or restrict our ability to use cookies, this may have an impact on your experience in using the website. For example, the performance of the website may be affected.
Data you provide to us
The types of personal information that we collect directly from you depends on the content and features of the Services you use and how you otherwise interact with us and may include:
Data you provide when you participate in a formative or summative evaluation as part of our product development activities, such as your name, email address, medical specialty, hospital and role.
Information that you communicate to us, such as questions or information you send to customer support.
Data from your use of the Services
The Services may automatically collect information on how you and your device interact with the Service such as:
Computer, device and connection information, such as IP address, browser type and version, operating system and other software installed on your device, unique device identifier and other technical identifiers, error reports and performance data.
Usage data, such as logs of when you visit or use our Services, browsing actions and patterns. To link you with this log of activity, cookies, device information, and IP address.
We collect this data through our servers and the use of cookies. We use cookies to collect data to link you and your device(s) with your activity when using our Services.
3. How we use your personal data
How we use your data will depend on a number of factors. These include; how the data was collected, who provided the data, which Service you use, how you use the Service, and any choices you have made about your data.
We will only collect and process your data where we have a lawful basis for doing so. Lawful bases include consent (where you have provided it to us), contract (where processing is necessary for the performance of a contract, and “legitimate interests”.
Where we rely on your consent to process your data (such as direct marketing) you have the right to withdraw or decline your consent at any time. Where we rely on legitimate interests, you have the right to object to those legitimate interests. If you have any questions around what basis we are processing any of your data, please contact us at info@cerebria.ai.
We will use your personal data in the following circumstances:
To provide the Services to you
We use cookies to remember information about your browser and any settings or preferences.
To keep in touch with you
We may contact you via email in order to respond to a website enquiry. Please be aware that we will not provide you with direct marketing unless you have specifically given us your consent.
Developing our Services
We use your data, including any feedback that you provide to us, surveys you voluntarily complete, and data about your engagement with the Services, to develop our Services and provide you with a better experience going forward.
We use cookies to analyse how the Services are accessed, used or are performing. This information is then used to maintain, operate and enhance the Services with the aim of improving your overall experience. We use first party analytics tools to track page views and user behaviour within the Services.
We also use these cookies to create insights and provide aggregated information about how you use the Services, the content you interact with, and how you interact with our website.
Product Development Activities
Data you provide when you participate in a formative or summative evaluation will be securely stored in our Quality Management System. We use legitimate business interests as the legal basis for using this data to support our product development activities. This data may be included in submissions to regulatory authorities to support licencing applications for our products.
Providing support
We use your data to respond to and resolve complaints arising from Service issues.
Providing insights to others
We may use your data to produce and share insights, where these insights do not identify you.
Security reasons
We use cookies to detect security threats, and any other malicious activity on the Services.
4. How we share your personal data
Suppliers and Service Providers
Depending on how you use the services, we share your personal data with:
email service providers
website provider (Squarespace)
Quality Management System provider (Greenlight Guru)
as necessary to provide the Services, complete a transaction or fulfill your request or otherwise on our behalf based on our instructions. Your personal data may be accessed, stored or processed by these services.
We use data processors who are third parties to provide elements of services for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us and will retain it for the period we instruct. We require all third parties to respect the security of your personal data and to treat it in accordance with the law.
With regulators or where required by law
In some circumstances, we may be legally required to use or disclose information about you. Examples of when this might be necessary include, to:
comply with a regulator’s investigation, or to prevent or act in respect of suspected or actual illegal activities taking place via the Services;
enforce any other agreements we have with you or others;
investigate and defend ourselves against third-party claims or allegations; and
our the security and integrity of the Services, including the protection of our employee’s rights.
Where we need to use your personal data for one of the reasons listed above, we will attempt to notify you of such, unless prohibited by law or court order or in case of emergency.
If we are acquired by another company
We will share your data with other companies as part of any sale process, merger, or change of control of our business. Any entity that purchases us or part of our business will have the right to continue to use your data only in the ways set out in this privacy notice, unless you agree otherwise.
5. How we store your personal data
Cross-border transfers of data
We process and store data inside the European Union and the United Kingdom and we rely on legally provided mechanisms to lawfully transfer data across borders.
Data retention
As a general rule, we retain your data as long as required to provide you with the Services. This is subject to your exercise of rights (set out in section 6) and any data that might be retained after closure of your account, as detailed below.
Security
We intend to implement industry standard security safeguards designed to protect your data. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. However, we cannot guarantee the security of any information that you provide when using the Services. In the rare event of any reportable data breach, we will notify you as soon as possible and in accordance with regulatory requirements.
6. Your data protection rights
You have rights under data protection law, namely the Data Protection Act 2018, GDPR (United Kingdom General Data Protection Regulation) (UK GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation implemented in connection with these. Where data is processed by a controller or processor established in the European Union or comprises the data of people of the European Union, it also includes the EU General Data Protection Regulation (EU GDPR).
These rights include:
Your right of access – You have the right to ask us for copies of your personal information
Your right to rectification – In addition to the controls described above, you have the right to ask us to rectify personal data you think is inaccurate and the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to delete your personal data in certain circumstances.
Your right to object to processing – You have the right to object to the processing of your personal data in certain circumstance, e.g. if we have no legal right to keep using it, or if your data is inaccurate or unlawfully held.
Your right to data portability – You have the right to ask that we transfer all or specified personal data you gave us to another organisation, or to you, in certain circumstances, by means of a copy of the data provided in a machine-readable form (e.g. pdf, word, excel etc.).
Your right to restrict data processing – You have the right to ask us to restrict processing of your personal data in certain circumstances, e.g. you have an issue with the content of the information that we hold. This may be used as an alternative to erasing your data.
You are not required to pay any charge for exercising your rights. If you wish to exercise any of these rights, please contact us using the details in Section 7. We will respond to your request consistent with applicable laws. To protect your privacy and security, we may require you to verify your identity.
7. How to contact us
Cerebria Ltd is a company registered in England (company number 11495251) with it’s registered office at Finsgate 5-7, Cranwood Street, London, EC1 V9EE (collectively referred to as “Cerebria, “we”, “our” and “us” in this privacy notice).
If you have any questions about this privacy notice, concerns how your personal data is used by us, or wish to make a request to exercise your legal rights, you can contact us using the details below:
E-mail: info@cerebria.ai
Postal Address: Finsgate 5-7, Cranwood Street, London. EC1 V9EE
If you are not satisfied with our response, or if we cannot resolve your complaint you can also contact the Information Commissioner’s Office (“ICO”). Please note that nothing prevents you from taking a matter to the ICO before having spoken to us, nor does anything prevent you from taking a matter to the relevant data protection regulator in your home country.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk