General Information
In line with our legal obligations, Flo Health collects your data only to the extent it is required to fulfill precise purposes related to our business.
This privacy notice tells you what to expect us to do with your personal information when you make contact with us through our landing pages in relation to our Employee Benefits Program.
Controller’s Contact Details
Flo Health UK Limited is the controller for the personal information we process, unless otherwise stated.
There are many ways you can contact us, including by email and post.
Our postal address:
Flo Health UK Limited
27 Old Gloucester Street,
London, WC1N 3AX
United Kingdom
We can be contacted by email at support@flo.health or privacy@flo.health
Data Protection Officer Details
You can contact our Data Protection Officer at privacy@flo.health or via our postal address. Please mark the envelope ‘Data Protection Officer’.
Your Data Protection Rights
Under data protection law, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information.
Your right of access
You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.
Your right to rectification
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
Your right to erasure
You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing
You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing
You have the right to object to processing if we are able to process your information because the process is in our legitimate interests.
Your right to data portability
This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.
You are not required to pay a charge for exercising your rights. We have one month to respond to you.
Please contact us at support@flo.health or privacy@flo.health if you wish to make a request.
Sharing Your Information
We will not share your information with any third parties for the purposes of direct marketing.
We use HubSpot Inc. and MailerLite as third party data processors who provide elements of services for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information and will hold it securely and retain it for the period we instruct.
You can find out more about HubSpot and their privacy practices here.
You can find out more about MailerLite and their privacy practices here.
We may also share your data with any of our global offices, which means our subsidiaries. You can find out about our subsidiaries here.
Information We Collect Directly From You
When you interact with our landing page, we may collect the following information from you should you choose to provide it:
Personal Information
- your full name
- company name
- company size
- email address
- phone number (optional)
- job title (optional)
Location Information:
- IP address;
- Time zone;
- Information about your mobile service provider.
To collect this information, we may also send cookies to your mobile device or computer or engage other tracking technologies. See more in our cookie policy.
Some of the information we collect may be provided to us by LinkedIn or ZoomInfo. You can read more about LinkedIn’s privacy practices here and more about ZoomInfo privacy practices here.
How We Use Your Data
We use information you provide as described above in the following ways:
- To provide you with information related to the Flo Employee Benefits Program.
- To contact you in order to discuss the Flo Employee Benefits Program.
- To provide you with information relating to events you registered for and related materials.
Our Legal Basis
Our legal basis for processing your data is legitimate interest. This means that we will only use your data as you expect us to do, that is, to respond to your queries and to provide further information about our employee benefit program which we think may be of interest to you.
Security
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. You can read more about our security practices here.
Storage
Your data will be stored in the United States. We participate in and have certified our compliance with the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks. You can read more about the privacy shield framework here.
For customers in the EEA
The European Court of Justice has declared the EU-US Privacy Shield invalid, which we like many companies had previously relied on to ensure a sufficient level of data protection, to be invalid. We have entered into Standard Contractual Clauses with all non-EU vendors of data processing tools (data processors) to ensure an adequate level of data protection in accordance with Art 46(2)(c) GDPR.
However, the Standard Contractual Clauses do not bind the governmental bodies of the non-EU country in which our processor operates. In some cases, governments may have powers of surveillance that run contrary to EU law data protection principles. Therefore, there is a risk that a processor might be forced by law to act against the obligations contained in the Standard Contractual Clauses and hand over personal information to local government officials, with limited rights for Flo and you as an individual to seek legal help against such actions.
We manage this risk by ensuring our processors are subject to robust due diligence procedures and additional security measures such as encryption. We do not work with processors based in countries where we are concerned about the rule of law with respect to privacy.
We continue to closely observe regulatory developments and best practice in this area. In the meantime, some non-EU processors, and in particular US-based processors, are a vital part of our service and we cannot provide our service to you without using such processors as described in this privacy notice.
Retention
We will store your information for as long as you want to hear from us. You can unsubscribe from our mailing list at any time. You can also ask us to delete your information by sending your request to support@flo.health or privacy@flo.health.
Contact us
General
If you have any questions or concerns about your privacy you may contact us as at:
Flo Health UK Limited, 27 Old Gloucester Street, London, WC1N 3AX, United Kingdom
Email: support@flo.health or dpo@flo.health
You may also contact your local data protection authority. A list of local data protection authorities is available here.
Changes to this Notice
We reserve the right to and may change this Privacy Notice from time to time. If we make any material changes, we will notify you by email (sent to the email address specified) or by presenting you with a new version of this Privacy Notice and please check regularly for updates.