ContactDocsLogin

How we manage your data

Aurabox is designed to help you share your personal health care information in a safe and secure way.

Secure by default

We understand that your privacy is of paramount importance, and we are committed to protecting the personal information you share with us. As part of our commitment to transparency and compliance with data protection laws, this page is designed to help you understand how we collect, use, and safeguard your personal data when you interact with our services.

Our privacy practices are structured to provide security and confidentiality to your personal information while enabling us to deliver a superior service experience. Whether you're new to our services or a long-time user, we want you to feel informed and confident about how your personal data is handled here.

We invite you to read the following sections to learn more about our data handling practices. Should you have any questions or need further clarification, please do not hesitate to contact us. Your trust in our services is valued, and we're committed to maintaining that trust by respecting your privacy and ensuring the security of your personal data.

Aurabox is fully compliant with EU and UK GDPR requirements.

On this page

Data collection

What data we collect

Aurabox collects personal health information provided by you or your care team. This information includes your name, date of birth, sex, address, medical imaging and other diagnostic healthcare data, as well as other information relating to your medical care and treatment.

How we collect data

This data is provided to Aurabox in the following ways:

  • By you, when you have an Aurabox account
  • By your care team, when they use Aurabox, and
  • By the organisations that create the data, such as medical imaging providers

Use of Data

Aurabox collects your personal health data for the following purposes:

  • To allow you to aggregate your health data and share it safely with your medical team
  • To allow doctors to aggregate and share health data on behalf of their patients, to improve treatment outcomes

Aurabox does not use any automated data processing. Your information is stored in Aurabox exactly as provided.

Data sharing

Personal data sharing

As part of the service provided by Aurabox, you may share your data with registered medical professionals on the Aurabox platform.

Sharing by your care team

Doctors use Aurabox to collaborate on the care of patients to improve treatment outcomes. This includes sharing patient records.

Third party sharing

Aurabox does not share your data with third parties except where you grant permission to do so. When you sign up for an Aurabox account, you will be asked if you wish to allow anonymised sharing and the circumstances under which this will occur.

Legal Requirements

Aurabox may have legal requirements to share your data for law enforcement or regulatory purposes. You may not be informed when this occurs, however Aurabox will always attempt to notify you where possible.

Data security

The security of your personal data is a top priority. We employ robust measures to protect your information from unauthorized access, alteration, and loss. Our data security practices are guided by comprehensive standards and regulations to ensure the highest levels of data protection.

We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use, or disclosure. These include advanced encryption technology, strict data access policies, and continuous monitoring of our IT systems to detect and mitigate threats.

Your data is stored in secure facilities, and access is restricted to authorized personnel only, based on their role, requirement in the organization, and subject to stringent confidentiality obligations.

For any concerns about data security, or if you require more detailed information on our specific measures, please contact our support team. We are here to ensure that your personal data remains secure and that your privacy is always respected.

Data rights

At Aurabox, we are committed to upholding your rights under the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA). We recognize the importance of your data privacy and strive to provide you with full control over your personal information.

Here is an overview of your data rights and how you can exercise them:

Access to Your Data

Right to Access

You have the right to access your personal data that Aurabox processes. This allows you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

You can do this by accessing your account or by contacting us.

Correction and Update of Your Data

Right to Rectification

If any data we hold about you is incomplete or inaccurate, you are entitled to ask us to correct it. This ensures your data is up-to-date and accurate.

You can do this by accessing your account or by contacting us.

Deletion of Your Data

Right to Erasure ('Right to be Forgotten')

Under certain circumstances, you can request the deletion or removal of your personal data where there is no compelling reason for its continued processing. This is particularly relevant where the data is no longer necessary for the purposes for which it was collected or where you withdraw consent.

You can do this by deleting your account or by contacting us.

Restriction of Processing

Right to Restrict Processing

You have the right to block or suppress the processing of your personal data under certain conditions. During the period of restriction, we can store your data, but not process it further.

You can do this by contacting us.

Data Portability

Right to Data Portability

You have the right to obtain and reuse your personal data for your own purposes across different services. This allows you to move, copy, or transfer personal data easily from Aurabox to another data controller in a safe and secure way, without hindrance to usability.

You can download your data directly from your account or by contacting us.

Withdrawal of Consent

Right to Withdraw Consent

If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time. This includes the right to withdraw consent to us using your personal data for marketing purposes.

You can do this by accessing your account or by contacting us.

Automated Decision Making and Profiling

Rights Related to Automated Decision Making and Profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except as allowed under relevant laws. Aurabox does not currently use Automated Decision Making and Profiling. You will be notified via email if this changes, and given the option to consent.

Managing Your Permissions

Setting and Updating Permissions: Aurabox allows you to set your permissions during registration and at any time thereafter by visiting Account > Permission in your Aurabox profile. This feature ensures that you have continuous control over how your information is handled and used by us.

At Aurabox, we take your data rights seriously and provide all the necessary tools and support to help you manage your privacy effectively. Should you wish to exercise any of these rights, or if you have any questions about your personal data, please contact our Data Protection Officer through the designated channels on our website. Your privacy and trust are our utmost priority.

International data transfers

When you sign up for an Aurabox account, you will be asked to select the region where your data will be stored. This ensures that your data is kept in a location that meets your privacy and compliance requirements.

Questions about how we manage your data?

Our team is here to help. Contact us for more information about our data handling practices.

Contact UsBack to Trust Centre