About PAM Life
PAM Life is a Body and mind wellness platform that supports business and their employees to work and live a more balanced, healthier and happier life, PAM has an interactive online health and wellbeing solution designed to increase workforce wellbeing.
PAM Life Limited is a company registered at Holly House, 73-75 Sankey Street, Warrington, Cheshire, United Kingdom, WA1 1SL. We are a health and wellbeing coaching and behavioural change service provider.
PAM Life is the Data Controller for data processed by our people and systems and has an appointed Data Protection Officer.
Under Data Protection Law We have a legal duty to protect any information we collect from you and we are committed to protecting and respecting your privacy. We use leading technologies and encryption software to safeguard personal data, and keep strict security standards to prevent any unauthorised access to it. In this policy:
PAMLife Limited means the company registration 11966045, our office is at Holly House 73-75 Sankey Street Warrington Cheshire WA1 1SL.
PAMLife means our brands PAMLife, Skip CBT & Raiys
We, Us, Our, Ours and Ourselves also refer to PAMLife
You, Your, Yours and Yourself refer to you
Data Protection Laws means the Data Protection Act (2018) GDPR (EU regulation 2016/679) and all other laws and regulations relating to the collection and processing of personal data
Personal data refers to personal data as defined in the DPA (including, if relevant, health data or any other special category personal data as defined in the DPA or GDPR).
Who is the policy for?
Consumer Clients are individuals who subscribe to PAM Life services for their personal and private use.
Corporate Clients are individuals where their employer pays for the PAM Life service as a benefit to their employees.
This policy is information for all Users of the PAM Life Service that we process their data and explains
What we hold?
Why we hold it?
How long we hold it for?
What data do we hold?
Collection of information
PAM Life holds “Personal and Special Information” as defined by the GDPR and Data Protection Regulations. We treat our responsibilities very seriously as an organisation and as individuals we will always treat your information as important and ensure that we protect its use, access and accuracy.
We collect information when you register for an account, participate in interactive features (including health assessments), fill out a form or a survey, participate in a contest or promotion, make a purchase, communicate with us via social media sites, request customer support, or otherwise communicate with us. The information you may provide includes your name, email, password, goals, address, postcode, age, sex at birth, payment method information, feedback and survey responses, and other information about you included within your messages to us. Some users also provide health-related information in connection with providing receiving coaching feedback or other messages to us, and we process that information consistent with the purpose for which it was provided.
Other Information about your use of the services
When you use our Services, we collect the following information about you:
Usage Information: Whenever you use our Services, we collect usage information, such as the sessions you use, videos you view or you listen to, what screens or features you access, and other similar types of usage information.
Transactional Information: When you make a purchase or return, we collect information about the transaction, such as product description, price, subscription or free trial expiration date, and time and date of the transaction.
Log Information: We collect standard log files when you use our Services, which include the type of web browser you use, app version, access times and dates, pages viewed, your IP address, and the page you visited before navigating to our websites.
Device Information: We collect information about the computer or mobile device you use to access our Services, including the hardware model, operating system and version, device identifiers set by your device operating system, and mobile network information (like your connection type, carrier and region).
Information we Record: On some occasions, we may record phone or video calls with your consent, such as in connection with our coaching program.
Information we Generate: We generate some information about you based on other information we have collected. For example, like most platforms, we use your IP address to derive the approximate location of your device. We also use your first name to make an educated guess about your gender and use information about your activity to help determine the likelihood of you continuing to use our Services in the future (which we hope will be the case!).
Information we collect from other sources
Data may be collected via Apple Healthkits and Google Fit upon installing our mobile application. This consent will be explained and obtained from you within the app and you may revoke this access at any point within your phone’s system settings.
We also obtain information about you from other sources, including transaction information from third-party app stores you use to install our app or purchase a subscription, and name and contact information from third-party calendar services. Additionally, if you create or log into your account through a social media service account, we will have access to certain information from that account, such as your name and other account information, in accordance with the authorisation procedures set by that social media service.
What do we use your data for?
When we process your personal data, we will only do so in the following situations:
As necessary to perform our responsibilities under our contract with you (like processing payments and providing the products or services you have requested);
When we have a legitimate interest in processing your personal data, including to communicate with you about changes to our Services, to help secure and improve our Services (including to prevent fraud) and to analyse use of our Services;
As necessary to comply with our legal obligations; and
When we have your consent to do so.
We use the information we collect to:
Provide, maintain and improve our Services, including debugging to identify and repair errors, and develop new products and service;
Process transactions and fulfil orders;
Send you transactional or relationship messages, such as receipts, account notifications, customer service responses, and other administrative messages;
Communicate with you about products, services, and events offered by PAMLife and others, request feedback, and send news, gifts or other information we think will be of interest to you;
Monitor and analyse trends, usage, and activities in connection with our Services;
For the promotion of health and wellbeing services
For the provision of health and wellbeing services to you
For the purposes of marketing our services or services of selected partners related to our services
Detect, investigate and prevent fraudulent transactions and other illegal activities and protect the rights and property of PAMLife and others.
Personalise your online experience and the advertisements you see on other platforms based on your preferences, interests, and browsing behaviour
Sharing of Information
With companies and contractors that perform services for us, including email service providers, payment processors, fraud prevention vendors and other service providers;
In response to a request for information, any applicable law or legal process or requested by a statutory body or law enforcement agency.
If we believe your actions are inconsistent with our Terms and Conditions or policies, if we believe you have violated the law, or to protect the rights, and safety of PAMLife or others;
In connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company;
With your consent or at your direction. For instance, you may choose to share actions you take on our Services with third-party social media services.
Advertising and Analytics Services provided by others
We may use anonymised personal data for internal and external research and publicity purposes. This may include publishing aggregate, anonymous information about our users for the purpose of providing public information and conducting academic research.
You may update certain account information you provide to us (such as your password, name and email address) by logging into your account or contacting us through our Help Centre at firstname.lastname@example.org If you wish to disable your account, please contact us at email@example.com but note that we retain certain information when required or permitted by law. We also retain cached or archived copies of information about you for a certain period of time.
You may opt out of receiving promotional emails from PAMLife by following the instructions in those emails or by logging into your account. If you opt out, we may still send you non-promotional emails, such as those about your account or our ongoing business relations.
Mobile Push Notifications/Alerts
With your consent, we send promotional and other push notifications to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device.
How do we obtain your consent?
When you register for our services you will be required to accept our terms and conditions this also includes that you are consenting to PAM Life processing your data for the purposes of PAM Life delivering health and wellbeing services. If we change any of our terms and conditions, we will require you to update your acceptance which updates your consent. During some assessments where we may process your health data, we may require you to confirm your consent to us processing your data.
PAM Life uses the information held in the delivery of our services.
We need personal information e.g. name address, date of birth in order to identify and verify the correct person and in some cases where we need to communicate with your health care provider this is the standard identification information used with the NHS.
We need your personal contact details email to assist us communicating with you when booking appointments
We need and will create medically confidential information so that our clinicians can provide professional advice based on your health, fitness and wellbeing
We operate a secure occupational health IT system that requires any user of our service, including employees referred or managers making referrals to be registered as an employee within our system
All medical information is held securely and only accessed by PAM Life workers. Employers have access to our system and a specific hierarchy is in place that determines which managers have access to your occupational health file. Occupational health reports and medical records are kept separately within our system. Managers do not have access to your medical records.
We do not and will never sell your personal identifiable information to anyone else
We do not share your information with anyone else other than anonymised aggregated data to your employer (If using PAM Life through a corporate licence) and we will always obtain your consent before we provide any personal identifiable information
We will not use your personal identifiable information to sell you anything or promote any services that are not related to the provision of health or wellbeing services
The information we hold is electronic and our servers are located within the UK.
How do we protect your data?
All information you provide to us is stored on secure servers. All special data is encrypted and has additional cyber security measures taken to protect your privacy. Your registration process provides your unique identity profile to your data. No one outside PAM Life can access your data, if you are a CX, our Client, who may be your employer, cannot access your data where we have given you (or where you have chosen) a password which enables you to access certain parts of our site or applications, you are responsible for keeping this password confidential. Please do not to share a password with anyone.
When you send information to us by email, please bear in mind that the transmission of information over the internet is not completely secure, unless the information is encrypted. Whilst we take all reasonable steps to protect your personal data on our systems, we cannot guarantee the security of any data you choose to email to us, so, please be aware that sending us your personal data via email is at your own risk. Once we have received your information, we will use strict procedures and security controls to ensure its ongoing confidentiality and protection.
With regards to each of your visits to our site, we may automatically collect the following; technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); plans you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs); and methods used to browse away from the page and any phone number used to call our customer service numbers.
How long do we hold your data for?
The following data retention periods are applied for Consumer and Corporate Clients.
Data type or processing activity (Data retention policy)
Health data collected by a User who does not subscribe to our service (7 days after data entry)
Personal Data collected from a User who does not subscribe to our service (1 year after entry)
Health data collected by and stored in our kiosk (3 days after entry)
Health data collected from a client (45 days after service ends)
Personal data collected from a client (1 year after service ends)
Non personal statistical data from users and clients is held with no personal identification (7 years after entry)
Data subject Requests
Subject to certain limits and conditions provided under law, you have the following rights:
You have the right to access personal data we hold about you and to ask that your personal data be corrected, erased, or made available in a portable form. Email firstname.lastname@example.org
You also have the right to object to certain processing (like receiving direct marketing), or request that we restrict processing in certain circumstances.
When we ask for your consent, you may withdraw that consent at any time.
You have the right to file a complaint regarding our data protection practices with the Information Commissioners Office and can be found at https://ico.org.uk/global/contact-us/.