Privacy & Data Protection
We are passionate about high-quality and convenient health services. But we are also passionate about privacy.
Managing data responsibly and securely is vital at Babylon. We are passionate about protecting data. It is paramount to us. We adopt robust safeguarding measures to ensure data use remains appropriate and compliant. It is essential that we continue to provide clear explanations that outline how data is processed at Babylon and for what purpose.
Being transparent about how we use data matters. At Babylon we are committed to ensuring that users of our products and our partners have trust and confidence in how we responsibly use and manage data.
Our Commitments :
We believe users of our products should always be in control of their own data
We put you in charge of your data, which is easily accessible to you and can be found in-app. You will have rights in relation to your data. Wherever we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. We will never sell your personal data to anyone else.
We take data security extremely seriously
To keep your data protected, please:
- Make sure you have a strong password;
- Change your password frequently;
- Keep your password safe and never share it with anyone else.
We want you to understand what data we collect and how we use it
When you use Babylon’s products, you give us access to your data. We want to be transparent about what we collect, and how we use it to make our range of digital health services work better.
The main types of data we collect are:
Who you are
When you register with our services, we’ll receive the basic information you provide us with about yourself, such as your name, date of birth, gender and email address, through our partners.
How you interact with us
When you use our services, we process and store information you provide (such as the symptoms you enter into our symptom checker).
Data and the Babylon services
With your consent, we use data to build a better Babylon for all users – to make our services faster, smarter and more useful to you – so we can deliver a better experience to all users. When we use data to learn from, we always remove personal identifiers (such as your name, contact details and address) to ensure that your privacy is protected.
Who we share your data with
We share your information with our partners, who are the data controllers, to help us deliver our services to you. Across Southeast Asia, Babylon has partnered with Prudential to provide our AI-powered wellness products via their all-in-one health and wellness app, Pulse by Prudential. We are bound by strict confidentiality and data security provisions, and can only use your data in the ways that meet the requirements of applicable data protection legislation in countries where our health services are available.
In addition, we may share your personal data with companies we have contracted to provide services on our behalf. They are bound by strict confidentiality and data security provisions, and can only process your data in the ways specified by us in order to support our service to you (this can include for example service providers who offer maintenance and/or technical support for our services). Your data is processed to provide you with a service, on the basis of your consent, or in order to comply with our legal or regulatory obligations.
We ensure clinical safety of Babylon products and services, meeting and exceeding industry and legal standards We ensure clinical safety of Babylon products and services by meeting and exceeding industry and legal standards. We apply the clinical risk management process to all stages of the product lifecycle, from concept to deployment and eventually decommissioning, this ensures the clinical safety of our products and services.
We retain records in accordance with best practice guidelines
We retain records in accordance with best practice guidelines. Our business revolves around delivering a better health service to every person on earth but, in order to do this, we need to be able to access information. Your interaction with our services are kept for 10 years.
If you have questions about how we keep privacy and data security at the heart of what we do, please contact our Data Protection Officer at email@example.com
Frequently Asked Questions
Question 1: What is personal data?
This definition can vary in different territories. Personal data refers to any information relating to an identifiable person, who can be identified (directly or indirectly) in particular, by reference to an identifier, such as an online identifier, an identity card number or even any set of data which when linked with other data would be able to identify an individual.
Question 2: What personal data does Babylon hold and what does Babylon do with the data?
Across Southeast Asia, Babylon has partnered with Prudential to provide our AI-powered wellness products via their all-in-one health and wellness app, Pulse by Prudential. After users download the Pulse by Prudential app, they are required to fill up an in-app registration form that provides us with basic information including name, date of birth, gender and email address.
Question 3: What is Babylon’s commitment to data protection?
Babylon is committed to compliance with data protection requirements and good practices.
Maintaining the confidentiality of personal data is fundamental to the relationship between users and Babylon, and is an integral part of the ethics of AI.
Furthermore, both common law and statute impose relevant obligations of confidentiality or require the protection of personal data. Babylon is committed to preserving the confidentiality, integrity and availability of user data, to preserve its reputation and to comply with its legal, regulatory and contractual responsibilities.
Question 4: Who has access rights to my personal data?
You will have certain rights to access your data.
Babylon operates a named user, role-based access model for access rights to services or systems in order to protect customer confidentiality, data, and data integrity. Strict security and contractual controls apply to any data access.
Question 5: How robust is Babylon’s security controls for securing data?
When you give us your data, you trust us to keep it secure, for example by encrypting data in storage in secure data centers.
We meet the standards required for every country where we operate. All our records are securely held at levels that meet or exceed national standards from NHS Digital in the United Kingdom (UK). We also meet ISO 27001, which is an international standard on information security, and have been independently audited and confirmed by our certification body, the British Standards Institution.
Our app has been independently security tested and we encrypt all data transmitted to and from the app, using strict procedures and security features, to prevent unauthorised access. We regularly assess our security controls by running penetration tests and searching for vulnerabilities. We constantly harden our business critical infrastructure that processes personal information.
Question 6: There are so many countries in the Asia Pacific region and each country has its own personal data protection laws and regulations. How does Babylon ensure compliance and keep up the regulatory changes in each country?
We operate a Global Privacy Programme and rely on local experts to ensure we are complying with privacy standards in the countries in which we operate. All projects or any activities that may impact the privacy rights of data subjects, require a Data Protection Impact Assessment (DPIA) to be conducted. The DPIA assesses risk throughout the development lifecycle of a program or system, which Babylon uses to ensure compliance with data protection laws and regulations.
It is apparent that there is a common theme across all jurisdictions. Regardless of the current state of the respective data protection regimes, all jurisdictions have identified the importance of the need for a more comprehensive data protection regime that caters to the privacy needs of an increasingly globalised world, and are taking measures to achieve such a robust regime. At Babylon, we keep ourselves updated with the latest changes by conducting regular surveillance to the data protection regulatory landscape.