We use cookies to give you the best possible online experience. If you continue, we'll assume you are happy for your web browser to receive all cookies from our website. See our cookie policy for more information on cookies and how to manage them.

Web Privacy And Data Protection

The purpose of this document

The MyHealthCounts programme is provided in partnership with roadtohealth. By signing up to MyHealthCounts the following terms will apply.
Both us and roadtohealth Limited ("roadtohealth"), are the creators of the MyHealthCounts website (the "Website"), we have created this Privacy, Security and Data Protection Policy to demonstrate our commitment to ensuring the privacy and security of the information that you share with us in accordance with both our duties under the Data Protection Act 1998.
This document describes how and for what purposes we collect and use personal data from visitors to the Website (i.e. information or data about a particular visitor who can be identified from that data or from it together with other information which is in, or is likely to come into, our possession).

Your consent to the Terms of Use and this Policy

By using the Website, you acknowledge and agree to the Terms of Use and this Privacy, Security and Data Protection Policy. If you do not agree with either the Terms of Use or this Privacy, Security and Data Protection Policy, please stop using the Website. If you contact email@myhealthcounts.co.uk or info@roadtohealth.co.uk or telephone us on 0800 158 5188 we will remove any personal data that has been collected by us about you.

What type of data we will collect from you

When you interact with MyHealthCounts, roadtohealth may process sensitive or personal data about you.  This may include:

  1. Your name and date of birth;
  2. Your personal contact details (email, phone, address, postcode);
  3. Details about any of your previous health concerns or clinical issues;
  4. Details about your family history, particularly around health concerns or clinical issues;
  5. Details about your lifestyle; and
  6. Clinical information.

We will only collect data to the degree that this is necessary and relevant to the delivery of MyHealthCounts for you.

How we will use your data

The information you provide us with will be used predominantly to provide you with information about a number of potential health risks based on your clinical background and lifestyle, to assist us in recommending an appropriate clinical pathway to you and calculation of your MyHealthCounts discount.
In addition your data may be used to:

  1. tailor your visit to the Website;
  2. show you content that we think you might be interested in;
  3. contact you and send you information regarding our services and changes to our services;
  4. send you e-mails on various matters;
  5. contact you if we need to resolve support issues;
  6. identify whether you have purchased products or services if you decide to follow a link through to or from one of our online partners;
  7. provide us with broad demographic data;
  8. provide us with information in order to develop new features and services; and
  9. service your account.

How the Website uses Cookies

We may use "cookies" from time to time on the Website. A cookie is a piece of data created by a web server that is stored on your computer.  The cookies created by the web servers contain data that uniquely identifies you each time you use the Website. This identifier may be used to record site usage statistics. 
You have the option of using your browser software to disable cookies or to warn you before accepting a cookie from the Website. However, if you disable or choose not to accept cookies some of the functionality of the Website may be impaired or you may not have access to areas of the Website that require this type of identification.
In a separate automatic operation, the web servers will collect your IP address and details of the website where you came from before entering the Website.  This information may be used by us from time to time to work out how many times the Website has been visited or to record which parts of the Website have been visited so its content and layout can be improved.

Your data and third parties

From time to time, we and roadtohealth may also aggregate the data we obtain from you for statistical analysis and research which may be used at a corporate, national or global level by ourselves or we may provide aggregated data to third parties.  It will not be possible to identify you or any other individual from this data.

How to opt out of future mailings and communications

Occasionally, as a MyHealthCounts customer we may contact you to provide you with information about products or services that we think may be of interest to you. If you would prefer not to receive this type of information then please contact our customer service team.  If you contact us at email@myhealthcounts.co.uk or call 0800 158 5188 we will ensure that you are not contacted. Remember, however that this will mean that we cannot send you information about any special MyHealthCounts offers or discounts that may benefit you.  Please note this action will only cease information being sent to you for MyHealthCounts and not by Aviva

How we will keep your data safe

Security and privacy of data are an essential part of our business protocols.  To this end, we and roadtohealth use access authentication and server security to protect your data. Whenever you provide them with information across the web, your details will be encrypted before being sent to their professionally-managed Website servers. 
Please note, however, that we cannot be held responsible for security issues generated by the equipment you use to access the Website, or certain circumstances beyond their control including but not limited to hack attacks, denial of service attacks, the effect of viruses or other harmful or malicious programs or vandalism of services.

Where your data will be stored

Your data will be held by roadtohealth in a purpose-built, professionally-managed, secure data storage facility in the UK and will be monitored 24 hours a day, 365 days of the year. If, for any reason, if roadtohealth need to transfer your information to any other country which operates to a different level of data protection from the UK, they will always put a contract in place to ensure your information is protected.

How we comply with the Data Protection Act 1998

roadtohealth developed internal procedures to ensure that all information which is collected and held about you is held in accordance with the legal requirements and principles of the Data Protection Act 1998.  The Data Protection Act 1998 has eight main principles these hare listed below together with an explanation of how roadtohealth comply with these principles.

A summary of the data protection principles

  1. Personal data shall be processed fairly and lawfully.

roadtohealth have developed the Website to ensure that all information collected is processed fairly and lawfully. In addition they have developed this Privacy, Security and Data Protection Policy to help you understand the purpose of our data collection and the steps to which we have gone to protect your data.

  1. Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.

This Privacy, Security and Data Protection Policy that we have developed clearly states the purposes for which they collect and process data. They have notified the purposes to the Information Commissioner.

  1. Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.

They ask only for information that is to be used to provide you with information about roadtohealth or that is to be used in an aggregated way to draw conclusions (e.g. via polls/surveys/research).

  1. Personal data shall be accurate and, where necessary, kept up to date.

If you would like to amend your details please e-mail us at email@myhealthcounts.co.uk or telephone us on 0800 158 5188. We do not take any responsibility for any consequences of you failing to provide accurate information to us or of you failing to keep it up to date.

  1. Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

The data that they collect from you and by which you are identifiable will be held unless and until you ask us to remove this information. This is subject to our retention of data necessary for (a) the purpose of, or in connection with, any legal proceedings (including prospective legal proceedings), for the purpose of obtaining legal advice, or otherwise establishing exercising or defending legal rights; and (b) medical purposes undertaken by a health professional (or a person who in the circumstances owes an equivalent duty of confidentiality).

  1. Personal data shall be processed in accordance with the rights of data subjects under this Act.

Your rights under the Data Protection Act 1998 are fully observed. If you feel that your rights are being contravened then you have full recourse to the Office of the Information Commissioner.

  1. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

Both us and roadtohealth recommend that you review the paragraphs on Privacy and Security above which set out the measures which have taken to protect your data.

  1. Personal data shall not be transferred to a country or territory outside the European Economic Area (EEA) unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

The UK has a high degree of data protection regulation and consequently you can be assured that wherever you are, the fact that all of your data is stored on servers based in the UK means that your information is processed in accordance with UK data protection principles. If you access your e-mails from a computer located outside the EEA, the action of accessing your emails will be taken as your consent to us transferring your personal data outside of the EEA in order to reach you.

If you have any further questions...


Please view the information on Providing Feedback to us for all contact details for us and/or roadtohealthcontact us