Category of Personal Data

What it means

Identity Data

At this time, we only collect the following items of PII data from our users: First and last name, email address, date of birth*, location, department/team, employee number (or similar identifier provided by an employer if required). **

*Users who sign up to Unmind via one of our 3rd Party Health & Wellbeing partners may be required to provide us with their date of birth on sign up. This will be deleted as soon as registration eligibility is confirmed.

**This information is collected depending on organisational requirements.

Contact Data

Email address only.

Marketing and Communications Data

Your preferences in receiving marketing from us and your communication preferences.

Behavioural Data

Inferred or assumed information relating to your behaviour and interests, based on your online activity. We may use this information to assess the popularity of our series and tools, and also to tailor the experience our users receive by ensuring that content they enjoy is easily accessible to them. 

Technical Data

Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website or use our services.

Technical data also includes intelligence experience information such as recording what links you click on and how often you visit certain pages.

User-Generated Data

Personal Data you may include in your user-generated content (i.e. information and content that you submit to the Site), for instance when you fill in the comments box of the “Check-In” form or when you send a Praise to someone and personalise the message.

Purpose

Categories of Personal Data involved (Please see categories we process above)

Why we do this

Our legal basis for this use of data

Condition for processing Special Category Data

Account Creation

  • Identity Data
  • Contact Data

To register you as a new user.

Contractual Necessity

N/A

Site Operation

  • Identity Data
  • Contact Data
  • Behavioural Data
  • User-Generated Data

To provide you with the services offered on our Site (including technical support services), such as for example, “Insights” (helping you to track your wellbeing).

Contractual Necessity

Healthcare (where your user-generated data contains Special Categories of Personal Data)

Unmind Content Recommendation

  • Identity Data
  • Contact Data
  • User-Generated Data

We do this through a smart recommendation engine, to provide you with recommended content from our Site, based on your profile, use of the Site and Unmind Index.

Legitimate Interests.We have a legitimate interest in ensuring that your experience on our Site is as tailored to your specific needs as possible so that the content you view in priority on our Site is most likely to be helpful to you.

Healthcare (where your user-generated data contains Special Categories of Personal Data)

Surveys

  • Identity Data
  • Contact Data
  • User-Generated Data

To complete surveys and obtain data for research purposes and in an anonymised format (although you do not have to respond to such surveys).

Consent

Explicit Consent (where your user-generated data contains Special Categories of Personal Data)

Praise

  • Identity Data
  • Contact Data

To send you your colleagues’ praises.

Legitimate Interests.
It is within our legitimate interests to enhance and personalise our service offering to you. The Praise feature serves to provide you with further tools and engagement opportunities.  

N/A

Aggregation for Research & Development Purposes

  • Identity Data
  • Contact Data
  • User-Generated Data

In an anonymised format, to develop the Unmind offering, to create and distribute white papers, to conduct and publish research, and to share the data with health professionals and academics to improve Unmind and other services relating to mental wellbeing.

Legitimate Interests.We have a legitimate interest in understanding our end-users to develop the Unmind offering, to publish white papers and to share the data with health professionals and researchers.

Healthcare (where your user-generated data contains Special Categories of Personal Data)

Aggregation for affiliated or associated organisations (e.g., employers, academic institutions, governing bodies)

  • Identity Data
  • Contact Data
  • User-Generated Data

In an anonymised, aggregated format to demonstrate the average wellbeing of different populations, to identify usage patterns across and between sub-groups locations, to extrapolate whether use of the Site is more beneficial for some audiences compared to others. These aggregated reports do not contain Personal Data related to your Unmind account or any personally identifiable User Generated Data.

Legitimate Interests.We have a legitimate interest in understanding our end-users to develop the Unmind offering, to publish white papers and to share this anonymous data with health professionals and researchers.

Research (where your user-generated data contains Special Categories of Personal Data)

Fraud Prevention

  • Identity Data
  • Contact Data
  • Technical Data

To keep our website, our services, your Personal Data and associated systems operational and secure.

Legitimate Interests.We have a legitimate interest in ensuring the ongoing security of your information, and proper operation of our services, website and associated IT services and networks.

N/A

Troubleshooting

  • Technical Data

To track issues that might be occurring on our systems.

Legitimate Interests.It is in our legitimate interests that we are able to monitor and ensure the proper operation of our Sites and associated systems and services to ensure the best user experience for you.

N/A

Marketing

  • Identity Data
  • Contact Data
  • Marketing and Communications Data

To form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which services and offers may be relevant for you.

Consent.

Explicit Consent (where our marketing purposes extend to Special Categories of Personal Data).

3rd Party Health & Wellbeing Partners Rewards Programmes 

  • Identity Data
  • User-Generated Data

If you have signed up to Unmind via one of our 3rd Party Health & Wellbeing Partners, we may provide your details relating to your completed activities to that provider so that you can earn points towards any rewards systems you are participating in.

Contractual Necessity

N/A

Third party data source

Publicly available?

Categories or other types of personal data received?

Your Employer(s), academic institution(s), governing bodies

No

  • Identity Data
  • Contact Data 

Analytics providers

No

  • Behavioural Data
  • Technical Data

The provisioner of your “guest” account (where your Site access has been granted by a friend, family member, or peer)

No

  • Contact Data

3rd Party Health & Wellbeing Partners

No

  • Identity Data

Type of Cookie

Purpose

Your Employer(s), academic institution(s), governing bodies

These cookies are essential to provide you with services available through our Site and to enable you to use some of its features. For example, they allow you to log in to secure areas of our Site and help the content of the pages you request to load quickly. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.

Functionality Cookies

These cookies allow our Site to remember choices you make when you use our Site, such as remembering your login details and remembering the changes you make to other parts of our Site which you can customise. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our Site.

Analytics and Performance Cookies

These cookies are used to collect information about traffic to our Site and how users use our Site. The information gathered via these cookies does not “directly” identify any individual visitor. However, it may render such visitors “indirectly identifiable”. This is because the information collected is typically linked to a pseudonymous identifier associated with the device you use to access our Site.  The information collected is aggregated and anonymous. It includes the number of visitors to our Site, the websites that referred them to our Site, the pages they visited on our Site, what time of day they visited our Site, whether they have visited our Site before, and other similar information. We use this information to help operate our Site more efficiently, to gather broad demographic information and to monitor the level of activity on our Site. We use Google Analytics for this purpose. Google Analytics uses its own cookies. It is only used to improve how our Site works. You can find out more information about Google Analytics cookies here. 

You can find out more about how Google protects your data here.

Recipients

Categories of Personal Data we share

Why we share it

Service providers

  • Identity Data
  • Contact Data
  • Technical Data
  • Behavioural Data
  • User-Generated Data
  • Marketing and Communications Data

Our service providers provide us with IT and system administration services.

Professional advisers

  • Identity Data
  • Contact Data

Trusted technical and professional consultants, external auditors and our legal advisors may require access to personal data on an ad hoc basis and only with a relevant purpose; such as maintaining the security of our service or within the provision of professional services.

HM Revenue and Customs and other regulators and authorities

  • Identity Data
  • Contact Data

Authorities may require reporting of processing activities in specific circumstances such as complying with applicable law or responding to a valid legal process from law enforcement or other government agencies.

The provisioner of your “guest” account (where your Site access has been granted by a friend, family member, or peer)

  • Contact Data
  • Technical Data

To maintain and validate your “guest” account access we may need to inform the provisioning account holder of any changes you make to your primary email alias or if your account is deleted for any reason.

3rd Party Health & Wellbeing Partners

  • Identity Data
  • User-Generated Data

To ensure that users who sign up via one of our 3rd Party Health & Wellbeing Partners receive points towards their Rewards system when they complete relevant activities. 

Category of Personal Data

Retention period

Behavioural Data

For so long as retention is necessary to fulfil the Purposes/Use for which it is used. After this time, it will be permanently and irrevocably anonymized. 

Marketing and Communications Data
Technical Data

For so long as you have an Account with Unmind or our Site(s).
Your data is permanently deleted within 60 days of your request (or requirement) to delete your account. 

Contact Data
Identity Data

For so long as retention is necessary to fulfil the Purposes/Use for which it is used.Your data is permanently deleted within 60 days of your request (or requirement) to delete your account. 

User-Generated Data

For so long as retention is necessary to fulfil the Purposes/Use for which it is used. After this time, it will be permanently and irrevocably anonymized.