1. Scope

All data subjects whose personal data including third party data is collected, in line with the requirements of the GDPR General Data Protection registration.

2. Responsibilities

2.1 The Data Protection Officer / GDPR Owner is responsible for ensuring that this policy and our other documentation relating to data privacy is made available to data subjects prior to Digital Fish Ltd collecting/processing their personal data.

2.2 All Employees/Staff of Digital Fish Ltd who interact with data subjects are responsible for ensuring that this policy is drawn to the data subject’s attention and their consent to the processing of their data is secured.

3. Privacy

3.1 Who are we?

Digital Fish Ltd is a medical technology and consultancy business providing Electronic health and

performance record software systems and consultancy to clubs and organisations since 2011. Is co-owned by Doctors registered in the UK with the General Medical Council.

Our Data Protection Officer can be contacted directly here:

Kaisu Cameron: Email kaisu@benchmark54.com. Telephone +44(0) 7541493575

3.2 Data Collection Use and Storage

3.2.1 Personal data type: Users data including Authorised Users

Email address: Name

Messages between users / controllers and our help desk personnel by crisp a service we use for support (one of our sub processors – who are GDPR compliant)

Activity Status – logs of all activity and web pages accessed dates and times

IP Address
Telephone

Device Type (operating system and browser)

Geographic Location, City, Country (guessed from the IP address)

Source: Directly from users of the website
www.benchmark54.com and https://app.benchmark54.com

3.2.2 Third party data: Athlete Data including medical

Medical data processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services or pursuant to contract with a health professional. This may contain contact details of third parties for use in emergency situations. Email Phone Address.

Third party data processing for statistical purposes only on agragated data (de personalised) which provides for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject.

Source: Third party personal data is that data provided by the customers / controllers and their registered and authorised users.

app.benchmark54.com

3.2.3 The personal data we collect will be used for the following purposes:

The data is processed to provide clubs and organisations with a software platform to record interrogate and view medical and performance data.

Third party data processing for statistical purposes only on agragated data (de personalised) which provides for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject.

Medical data processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services or pursuant to contract with a health professional.

3.2.4 Our legal basis for processing for the personal data:

Digital Fish Ltd will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). Digital Fish Ltd is required to retain information in accordance with the law, such as information needed for medical records.

We have a contractual obligation to collect and process personal including third party data as this is part of our business activities which is to provide clubs and organisations with a software platform to record interrogate and view medical and performance data.

3.2.5 The special categories of personal data concerned are:

  • Biometric data
  • Health data
  • Ethnic origin

3.2.5 Data Storage

The data that we collect and process from is stored and processed within the European Economic Area (“EEA”). By submitting your personal data and agreeing with our consents and or terms, you agree to this storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

We encrypt data at rest and in transit, we also protect login to the data with a commodo SSL and allow our users to enable two factor authentication to provide an extra level of data security.

3.3 Consent

By agreeing to our Benchmark54 Authorised User Agreement and consenting to our privacy policy you are giving us permission to process your personal data specifically for the purposes identified above.

Specific additional consent is required for Digital Fish to process third party personal and medical data, this is explained explicitly in our Athlete consent documentation and Athlete consent video. Obtaining the consents is the responsibility of our customers / controllers.

Withdrawal of consent is covered by our terms and conditions of service and also for third party data within our Athlete Consent documentation. We are able to remove any ability to further processing of the data however because of the nature of our business and the special category of data we process (medical) we have to retain this indefinitely for legal purposes.

Should you wish to discuss this your rights please contact our data protection officer Kaisu Cameron by emailing kaisu@benchmark54.com. Details about consent for third party data and erasure can be found in our athlete consent documentation.

3.4 Disclosure

Digital Fish Ltd do not disclose your personal information outside of our organisation and within the organisation only to those who need access to this information to process it in a manner consistent with the General Data Protection Regulation.

We will only disclose your personal information to third parties if:

Digital Fish Limited or substantially all its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.

If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms and Conditions of Services and other agreements; or to protect the rights, property, or safety of Digital Fish Limited, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

3.5 Retention period

Digital Fish Ltd will process personal data including third party data for as long as an agreement exists between our Customers our Registered and Authorised users. This agreement will be set out either via our Terms and Conditions of Service or our Data Processing agreement. Medical data is special category as such it must be retained indefinitely in electronic format.

3.6 Your rights as a data subject

At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

  • Right of access – you have the right to request a copy of the information that we hold about you.
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  • Right of portability – you have the right to have the data we hold about you transferred to another organisation.
  • Right to object – you have the right to object to certain types of processing such as direct marketing.
  • We do not undertake automated processing or profiling.
  • Right to judicial review: if Digital Fish ltd refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in clause 3.7 below.
  • Should you wish to receive more details on any of the above please contact our data protection officer Kaisu Cameron info@benchmark54.com
  • Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

3.7 Complaints

In the event that you wish to make a complaint about how your personal data is being processed by Digital Fish Ltd (or third parties as described in 3.4 above), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and Organisation Name’s data protection representatives Data Protection Officer / GDPR Owner.

The details for each of these contacts are: Kaisu Cameron info@benchmark54.com

Telephone +44 (0) 7541493575

Cookies Policy

Cookies are pieces of data created when you visit a site and are stored in the cookie directory of your hard drive. They generally do not expire at the end of your session. Cookies do not contain any personal information about you and cannot be used to identify an individual user. They are used to help you when you return to a website. For example, they may enable you to return directly to a particular part of the site by ‘remembering’ where you last accessed. If you choose not to accept the cookies (by setting your browser to reject them), this should not affect your access to the majority of facilities available on our website.

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

The table below explains the cookies we use and why

Cookie NameNamePurpose
App cookiesdisable_changelog cookie_alert_closedThese cookies help B54 to remember your decisions not to show Changlog and Cookie alerts.
Server CookiesPHPSESSIDServer internal cookie. Serves private area access. Contain unique access id.
Performance Cookies__utma __utmb __utmc __utmt __utmzThese cookies allow us to do web site performance. We use Google analytics for this service.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org

Changes to our privacy and cookies policy

Any changes we may make to our privacy and cookies policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to info@benchmark54.com .