Privacy Policy
Introduction
“Keep On Keep Up” (KOKU) – is the software application Keep On Keep Up, provided by Keep-On-Keep-Up Health CIC (“KOKU Health”). KOKU is a tablet-based application and multimedia to encourage and track exercise in older people. KOKU provides gamified health literacy activities and is designed for individuals to use without therapists. Keep On Keep Up can be used at home, alone or with family members, or in clinical environments with the supervision of a physiotherapist/exercise specialist. Keep On Keep Up gathers and stores personal data and information about you and your engagement with the system, which may be used to directly or indirectly identify you. This Privacy Policy describes what data is collected, how it is stored and for what purposes it is used.
Purpose
Your Personal Information
Your Rights
- The right to be informed
- The right to access a copy of their personal data
- The right of rectification
- The right of erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
Our legal basis for processing your personal data
How We Protect Your Personal Information
How We Use Your Personal Information
- Fulfil our obligations under the Terms & Conditions of the service we provide through the KOKU app
- Personalise your experience of using the app, such as greeting you by name
- Evaluate and demonstrate the performance of the app in its objective of encouraging and tracking exercise in older people, with an ultimate objective of reducing avoidable falls
- Understand how people use the app so we can continue to improve it and the content it offers
Changes to data collection
This privacy will be updated if and when there is a change in the purpose of data collection. Any consent from you the user (if consent was lawfully required) may need to be re-obtained.
Contact KOKU Health
Security
- Security overview. This section will present the different types of data handled by the application along with an overview of the data architecture of the solution.
- Database security. This section describes how data is secured while at rest.
Security Overview
- Patient Identifiable Data. Personal patient information, such as:
- Name
- Age and Date of Birth
- Sex
- Patient Non-Identifiable Data. Clinical data stored for each patient during therapy sessions, such as:
- Range of motion values
- Number of repetitions for certain exercises
- Game points obtained during certain exercises
- Diagnostic information and similar other.
- Information about any falls in the previous year, including related injuries and changes to lifestyle as a result.
- Information about the fear of falling and how it effects the following:
- Getting dressed or undressed.
- Taking a bath or shower.
- Getting in or out of a chair.
- Going up or down stairs.
- Reaching for something.
- Walking up or down a slope.
- Going out to a social event.
- Health status (based on EQ5D including questions around:
- Mobility.
- Self-care.
- Usual activities.
- Pain/discomfort.
- Anxiety/ depression.
- How good or bad is your health is today.
Data Flow
- Date of Birth
- Sex
- Age (one of 6 age brackets, based on the Identifier for Advertiser if you have opted in to interest based advertising on your device)
- App Store the app was downloaded from
- App Version
- Country (inferred from IP address)
- Device Brand
- Device Category
- Device Model
- First Open Time
- Gender
- Information about any falls in the previous year, including related injuries and changes to lifestyle as a result.
- Information about the fear of falling and how it effects the following:
- Getting dressed or undressed.
- Taking a bath or shower.
- Getting in or out of a chair.
- Going up or down stairs.
- Reaching for something.
- Walking up or down a slope.
- Going out to a social event.
- Health status (based on EQ5D including questions around:
- Mobility.
- Self-care.
- Usual activities.
- Pain/discomfort.
- Anxiety/ depression.
- How good or bad is your health is today.
- Language
- New/Established (whether you have opened the app in the last 7 days)
- OS Version
Data retention and deletion
- Anonymise all the personal data in the Keep On Keep Up without being able to re-identify your personal data and;
- Use only non-identifiable data stored during your activity using the Keep On Keep Up for its analytics and marketing services.
Database security
- The Local Database is encrypted and directly accessible only through the Keep On Keep Up platform.
- The Local Database encrypts all data at rest using the native OS encryption.
Data transmitted to Firebase is securely transmitted and secured at rest.
All Firebase services have successfully completed the ISO 27001 and SOC 1, SOC 2, and SOC 3 evaluation process.