This privacy notice explains how we process information about individual people, known as “personal data”, that we collect through the ZOE Health Study app.
ZOE developed the COVID Symptom Study app with advice from an expert team of doctors and scientists from King’s College London (KCL) to support vital COVID-19 research and share those findings with you (our contributors), the public, health researchers, the NHS and others. ZOE is the controller of your personal data.
The ZOE Health Study will continue to support researchers to advance their understanding of COVID-19. In addition, users of our app may opt in to the ZOE Health Study (where users help us to fight major diseases and health concerns beyond COVID-19 through regular health reporting and sometimes answering additional related questions), in which case we will extend our interest to other diseases beyond COVID.
We may also be processing your personal data if someone else – a family member, parent, guardian or member of your household – has entered it on your behalf. See the section headed “recording information for others” for more information.
All previous privacy notices and current and previous consents can be found here.
Information we collect about you
We collect information relating to your health (physical and mental), behaviour, diet and demographics. Because this is all linked together, it is what the GDPR calls “sensitive personal data”. This includes:
Quantitative health metrics - for example body temperature, height, weight and blood pressure.
Information about pre-existing conditions.
Information about your symptoms (both physical and mental).
The status of tests that you take - for example COVID-19 PCR, lateral flow and antibody tests.
Your vaccination status and any associated adverse effects - for example COVID-19 vaccination.
General information about you such as the sex assigned to you on your birth certificate, your year of birth and your current location (including postcode).
Details of any treatment you have received - for example medications and hospital treatments.
Your occupation - for example whether you are a health worker coming into contact with patients.
Whether you are a member of a study that we are collaborating with - for example the UK Twins Study.
Information about your behaviours - for example sleep habits, exercise habits, social habits, social distancing, mask wearing.
Information about health outcomes - for example diagnosis of new conditions and hospitalisation events.
Information about your diet - for example types of foods that you eat, food frequency, gut transit time.
The information about you that we collect and process will evolve over time. You will always be aware of what that information is because it will be actively contributed, either by you or someone on your behalf. There is no obligation on you to contribute any information - it is all entirely voluntary. If there is some information you are not comfortable contributing, you can choose to omit it. We are grateful for whatever you choose to contribute.
We will make sure that any information we request is relevant. If you are only interested in assisting our COVID work, we will not ask you for information that will not be used as part of it.
Why we process information about your health
We process your information about your health so that:
We can better identify and understand symptoms of COVID-19.
We can follow the spread of COVID-19, for example, so that we can estimate infection levels, identify hotspots or track emergence of new variants of concern.
We can identify the exposure of healthcare workers to COVID-19.
We can advance scientific research into the links between patient's health, health outcomes and their response to infection by COVID-19.
We can track the uptake of COVID-19 vaccines and advance scientific research into the impact and effects of vaccination programmes.
We can better understand the impact of the COVID-19 pandemic on people’s physical and mental health both at an individual and a population level.
More generally, in helping to combat the spread of COVID-19 and improve the treatment and prophylaxis of it.
In the future we may use this data to help the NHS support individuals suffering from COVID-19 infection or its after-effects.
We can send invitations to you relevant to the information you have given us, for example to invite you to take a COVID test, join a vaccine or treatment trial, or to donate convalescent plasma - it is entirely up to you whether you take up any of these offers.
If you have opted into the ZOE Health Study, we also process your data in order to better understand general public health, individual health and their relationship with lifestyle, behaviours, diet and other factors.
Specifically, with this data:
We can contribute to scientific understanding in general.
We can unlock new understanding of a broad range of health outcomes including serious diseases and health conditions, including infectious diseases, dementia, cancer, cardiovascular disease, diabetes, non-alcoholic fatty liver disease, obesity, autoimmune diseases and more.
We can carry out research into the symptom and lifestyle precursors of various health outcomes, including the onset of serious diseases or health conditions, with the aim of better identifying early symptoms and lifestyle risk factors.
We can carry out research into the progression of serious diseases and health conditions, with the aim of better understanding the evolution of symptoms associated with them over time and how lifestyle factors influence them.
We can help other parties recruit people into research studies by identifying suitable individuals (for example those with a particular disease). This will be restricted to sending you an invitation to participate. It will be entirely up to you whether to join a research study and, unless you do, the other party will know nothing about you. See below under “research studies” for a full explanation.
We can produce interesting insights into health and share them with you and the public.
We can deliver personalised health insights to you based on the data that you and others contribute.
We can deliver population-level health insights to you and the public via multimedia channels (including blogs, videos, webinars). Insights like these would not contain any information about specific individuals.
We can develop commercial applications in the field of health, nutrition and lifestyle based on aggregated data from our contributors. To note: we do not sell personal data.
Our legal basis for processing this type of data is that we have your consent to do so.
Our servers automatically collect some information (see below for more details), but none of that will be used in our health research without your explicit consent.
We do all the above because ZOE strives to produce good science. We believe that making the results of our research widely available maximises its positive scientific impact. ZOE is committed to helping people live to their fullest through understanding individual health responses in the real world and using that to personalise lifestyle recommendations. The science that we generate using the data collected via this app will better empower ZOE to fulfil this mission.
Our legal basis
Our legal basis for processing your health data is that you consented to it. You are welcome to withdraw your consent at any time, though this means we will then delete the data that you have given us. You are also welcome to contribute some information to us, but not all. Everything is potentially useful.
If you wish us to stop processing your sensitive personal data, you may withdraw your consent at any time by emailing us at firstname.lastname@example.org. When you withdraw your consent, we will delete all sensitive personal data we hold about you.
How long do we store health data?
Because of the nature of the research we carry out, we are unable to set any particular time limit on the storage of your sensitive personal data, but we will keep it under regular review and ensure that it is kept no longer than necessary.
How we share data for fighting COVID
As part of our effort to combat COVID, in order to ensure that your information is put to the best use, we may share it with people doing health research, for example, people working in:
Other research institutions
When we share your information with researchers outside the NHS, we will take steps to prevent you being individually identified by the people we share it with. For example, we will do the following:
Remove obvious personal details, including your name, email address and telephone number, and instead use an anonymous code for each user.
Remove the last 3 digits of your postcode or replace it with an LSOA code, so that your general location is usable for better understanding any geographical links in the data but that your address is not discoverable.
Require everyone receiving this data to agree not to try to identify you and to take action if they discover that it may be possible to do so.
One way in which we hope to support the app financially, is to help other organisations, such as external academic institutions, research organisations and commercial organisations to design and recruit for specific research studies for which we might then charge a fee. Supporting such research studies is a means by which we can further our aim of improving the world’s general understanding of disease.
Since your privacy is important to us, and we will not be in the business of selling data, research studies would always be “opt in” whereby the choice to participate is entirely within your control. If we think you are suitable for one of these studies, we may send you an invite giving you the option to participate. In some cases, it will be up to you to contact the organisation running the study, in other cases we will contact them on your behalf, but whatever happens, we would first obtain explicit consent from you before taking any action - and there is absolutely no obligation to accept.
We may use information about you to identify if a study would be suitable for you (for example, a study might be designed for people with diabetes). We will not give any information about you, including your contact details, to any collaborator unless you ask us to do so.
Each study is different. Most will have their own additional privacy notice, which will explain what is involved in the study (what information is collected, what it is for and who is conducting it). Sometimes the study will use data you have contributed through the app, but it will not necessarily do so. If we invite you to participate in a research study, we will explain all this to you at the appropriate time.
We also collect some information about you that is not itself of a sensitive nature:
your name (optional)
the names of other people who you are reporting for (optional)
phone number (optional)
We use this information for the following purposes:
Asking you for feedback on the app or conducting other forms of survey.
Keeping in touch with you about the app and its performance, including identifying faults or other problems connected with the app.
Inviting you to take medical / health tests to support scientific research (some of these invitations will be triggered by things that you tell us about your health - for example if we invite you for a COVID test).
Sending you information about new versions of the app or related apps which we may launch in the future.
Inviting you to take part in our new studies that we or those from research organisations which we are collaborating with.
Sharing with you relevant news, events and scientific discoveries made by ZOE and KCL.
Carrying out statistical analyses on the use of our app.
Every such email will include a link you can click to opt-out from receiving them. We will not sell your contact information to third-parties.
Automatically collected data
On our website, we also use third party analytics providers such as Google Analytics, who collect similar information and then supply us with further analysis derived from it.
We process this data in order to:
Locate errors in our systems or problems our systems may be facing with other systems (such as compatibility with a web browser).
Improve the functioning of our Service.
Prevent fraud or other criminal activity.
This information is, by default, automatically sent by web browsers and apps. There are technical ways you can obscure this information (for example by changing the information your browser supplies to us) but our systems cannot avoid processing information that is sent to them.
We routinely delete our server logs after 30 days, unless we are aware of any serious problem that requires investigation (for example fraud or a hostile attack to our systems), in which case we may preserve any information necessary for that investigation for as long as it is needed. Once the investigation is concluded, we will delete the data.
We also use information about how you were referred to our website (if available) and how you move within our website (collected in various ways, including from information sent by your browser and cookies) for the same reasons, but this data may be kept for longer periods, for example in order to help us understand whether our marketing is properly directed.
Modern mailing list systems, such as our supplier Mailchimp, place a pixel (a small image the size of a dot) in each email they send. When displaying the email, most mail systems will collect the image from Mailchimp’s servers. Each pixel is unique, so Mailchimp can detect that the email has been opened.
Most mail software will let you switch off this behaviour, but it is very useful for us because it allows us to know whether there is a problem with emails we send out. It also allows us to work out what proportion of our emails are actually read. We do not want to send you emails you do not want. This way, we can detect any systematic problems with the mail we send out.
Our legal basis for processing this information is our legitimate interest in developing, marketing and running the app.
We keep your contact information for 6 years after the last communication with us, or the last use of the app (whichever is longer), in order for us to be able to pursue or defend any legal claim against us, then we delete it.
Recording information for others
The app also allows you to input information about other people in addition to your own by making a separate profile for them. If the other person is able to understand the concept of consent, for example if they are a mentally competent adult or mature child, then you must only do this if they have given their consent.
Younger children may not be mature enough to give consent, but they may be able to understand what you are doing. If so, you should explain to them what you are doing and what may happen to information about them to the extent they are capable of understanding. You should also try to take into account their views, even if you make the ultimate decision. We trust you to know your child and to do what is appropriate given their level of maturity.
Third party processors
We use third parties to process all of the above information on our behalf for various tasks. When we allow them access to your data, we do not permit them to use it for their own purposes. We have in place with each processor, a contract that requires them only to process the data on our instructions and to take proper care in using it. They are not permitted to keep the data after our relationship with them has ended.
We use some processors for running our website, app and maintaining their security as well as for maintaining our databases and database security.
We use a second group of processors for managing our relationship with users, including emails and mailing lists as well as for conducting research about our users and their use of the app.
For user interaction, such as giving webinars, carrying out polls during webinars or to field questions from users), we also use a number of external services which may process information about you for their own purposes. For example, if you access a webinar on YouTube and have an account with YouTube, the operators of YouTube will be aware that you have done so.
In these cases, we process the information about you in order to give the presentation to you or answer your questions. We do not otherwise use any information we obtain in this way, but sites like YouTube will make their own use of it and you should consult their privacy notices to understand any privacy implications of their use.
International transfers of data
Because the work we do takes place in the UK, the UK’s “General Data Protection Regulation” (GDPR) applies to our processing of information about you (otherwise known as “personal data”), even if you do not live in the UK. The GDPR regulates the export of data outside the UK.
Some of our processors (see above) are based outside the UK. This means that we will sometimes send your personal data to them to be processed on our behalf outside the UK.
The GDPR permits us to send data to somewhere that has been held to have a comparable level of personal data protection, but if it does not, we require each processor to sign standard contractual clauses (contractual terms approved by the Information Commissioner) requiring them to protect your personal data in accordance with the GDPR. Some of those clauses are enforceable by you directly against the processor. In addition, we may impose additional provisions of our own if we believe it is necessary to do so in order to ensure that your personal data is at least as well protected after it leaves the UK as it was in the UK.
Under the GDPR you have a number of important rights free of charge. In summary, those include rights to:
Access your personal information.
Require us to correct any mistakes in your information which we hold.
Require the erasure of personal information concerning you in certain situations.
Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you.
Object in certain other situations to our continued processing of your personal information.
Otherwise restrict our processing of your personal information in certain circumstances.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the United Kingdom Information Commissioner’s Office (ICO) on individuals rights under the GDPR.
If you would like to exercise any of those rights, please email, call or write to our data protection officer using the contact details given below.
The GDPR also gives you the right to lodge a complaint with the Information Commissioner who may be contacted at https://ico.org.uk/make-a-complaint/your-personal-information-concerns or telephone: +44 0303 123 1113.
We are ZOE Limited - a company registered in England.
Our UK address is: 164 Westminster Bridge Road, London SE1 7RW
Data Protection Officer: email@example.com