Customer Data Privacy Policy

Prepared for MiCode services supplied in connection with Dementia Jersey

1. Purpose

MiCode Ltd is committed to protecting the privacy, confidentiality, and security of all personal data processed through the MiCode service for which it is a data controller under the UK GDPR and Data Protection Act 2018.

MiCode is a QR code-based service that enables individuals to store and manage emergency medical information and emergency contact details. MiCode is designed to help make important information available quickly in appropriate situations, including emergencies, safeguarding concerns, care support, or situations where an individual may need assistance.

Because MiCode may include health information, medical information, care information, emergency contact details, and information relating to vulnerable individuals, MiCode treats data protection, privacy and security as central to the service.

This policy explains how MiCode collects, uses, stores, protects, and shares personal data. It also explains the rights of individuals who use MiCode and the responsibilities of MiCode Ltd.

Where MiCodes are supplied in connection with Dementia Jersey, this policy should be read on the basis that Dementia Jersey is acting as a distribution partner. Details can be found at www.dementia.je/micode. Dementia Jersey does not have routine access to individual users’ MiCode emergency medical information and does not use the MiCode organisation view under the agreed operating model.

This reflects MiCode’s standard distribution position, namely that a third-party organisation such as Dementia Jersey may purchase and distribute MiCodes without becoming the controller or processor of the individual user’s MiCode emergency medical information, provided it has no access to, or decision-making role in, that information.

2. Scope

This policy applies to personal data processed by MiCode Ltd in connection with the MiCode service.

This may include:

  • personal data voluntarily entered by individual users;
  • emergency contact information;
  • health and medical information;
  • care and support information;
  • uploaded documents or media;
  • technical access information;
  • audit logs and security records;
  • account administration information;
  • ordering, fulfilment and support information.

This policy applies to data processed electronically, data stored through the MiCode platform, cloud-hosted information, and administrative information connected with the operation of the MiCode service.

3. Applicable Data Protection Law

MiCode processes personal data in accordance with applicable data protection law. This may include:

  • UK General Data Protection Regulation;
  • Data Protection Act 2018;
  • Data Protection (Jersey) Law 2018;
  • Data Protection Authority (Jersey) Law 2018;
  • guidance issued by the UK Information Commissioner’s Office;
  • guidance issued by the Jersey Office of the Information Commissioner, where relevant.

Where MiCode provides services to individuals in Jersey, MiCode will have regard to the Data Protection (Jersey) Law 2018 and the role of the Jersey Office of the Information Commissioner as the relevant Jersey regulator.

MiCode will review whether any registration, notification, or other regulatory requirement applies in Jersey in relation to the processing of personal data connected with MiCode services.

Nothing in this policy removes MiCode’s responsibility to comply with applicable data protection law.

4. Who is Responsible for Personal Data

For personal data processed through the MiCode service, MiCode Ltd is the organisation responsible for operating the platform and managing the service environment.

MiCode Ltd acts as the controller or data controller for personal data processed in connection with the operation of the MiCode service, including account administration, platform management, service support, security, audit, fulfilment, legal compliance, and technical operation.

The individual MiCode user remains the primary decision-maker in relation to the emergency medical information and emergency contact information they choose to place into their own MiCode.

Where MiCodes are purchased or distributed by Dementia Jersey, Dementia Jersey does not become the controller or processor of the individual user’s MiCode emergency medical information simply because it has helped distribute the MiCode.

Dementia Jersey does not have routine access to that information and does not decide what information a user places into MiCode. This is consistent with MiCode’s position paper on data roles, access and distribution partnerships.

5. What MiCode Is

MiCode is not a complete medical record.

MiCode is a user-managed emergency medical information and emergency contact service. It allows an individual to store information that may be useful if they need help, support, care, or emergency assistance.

The user chooses what information to include. This may include medical conditions, allergies, medication, emergency contacts, care instructions, communication needs, or other information that the user considers important.

MiCode provides the platform and service environment through which this information can be stored, managed, protected, and made available in accordance with the service design and the user’s choices.

6. Personal Data We May Process

MiCode may process the following types of personal data:

  • name;
  • contact details;
  • date of birth, where provided;
  • emergency contact details;
  • medical conditions;
  • allergies;
  • medication information;
  • care and support needs;
  • communication needs;
  • uploaded documents;
  • uploaded images or media;
  • access settings;
  • account information;
  • technical access records;
  • security and audit logs;
  • customer support correspondence;
  • ordering and fulfilment information.

Some of this information may be special category data, especially where it relates to health, disability, care needs, medical conditions, medication, allergies, safeguarding needs, or support requirements.

MiCode only collects information that is provided by the user, required to operate the service, or needed for security, support, fulfilment, compliance, or lawful administration.

7. Lawful Basis for Processing

MiCode will only process personal data where there is a lawful basis for doing so.

For the processing of personal data, MiCode may rely on one or more of the following lawful bases:

  • the user’s consent;
  • performance of a contract or steps taken at the user’s request;
  • legitimate interests, including platform security, service integrity, fraud prevention, customer support, and service administration;
  • legal obligation, where MiCode is required to keep or disclose information by law;
  • vital interests, where processing is necessary to protect someone’s life or safety.

For special category data, including health, medical, care, disability, safeguarding, or support information, MiCode will only process the information where an appropriate lawful basis and special category condition applies.

In most cases, MiCode will rely on the user’s explicit consent for processing special category health data. This is because the user chooses to enter health-related or care-related information into their MiCode for emergency, care, safety, or support purposes.

MiCode may also process certain information where this is necessary to protect the vital interests of an individual, for example where information is accessed in an emergency and the individual may not be able to communicate.

For users in Jersey, MiCode will interpret and apply the lawful basis for processing in line with the Data Protection (Jersey) Law 2018 where that law applies.

MiCode does not process personal data for advertising, behavioural profiling, commercial resale, or unrelated marketing purposes.

8. Emergency and Safeguarding Context

MiCode is designed to support access to important information in situations where a person may need help.

In emergency situations, limited personal data may be accessed via a MiCode to assist responders in identifying the individual and contacting appropriate support. MiCode designs its systems to minimise data exposure while prioritising user safety.

In an emergency, a MiCode may help to:

  • identify the individual;
  • understand important medical or care information;
  • contact the person’s nominated emergency contacts;
  • support safer communication;
  • reduce delay in obtaining relevant information;
  • assist appropriate care or safeguarding action.

MiCode is designed to support safety, not to replace professional medical records, clinical judgement, care plans, safeguarding procedures, or emergency services.

Users are encouraged to think carefully about what information they include and to use available access settings where sensitive information should be restricted.

9. Access to MiCode Information

The information stored in a MiCode is controlled by the user through the service design and available access settings.

A person who scans a MiCode may be able to view information that the user has chosen to make available through the QR code. Some information may be restricted through access controls, depending on the setup of the individual MiCode.

MiCode may also access information where necessary for legitimate operational reasons, including technical support, security, maintenance, audit, legal compliance, or investigation of misuse.

Where MiCodes are distributed by Dementia Jersey, Dementia Jersey does not have routine access to individual users’ MiCode emergency medical information.

Dementia Jersey is not provided with the organisation view, dashboard, reporting function, or administrative access under the agreed model.

10. Data Sharing and Third Parties

MiCode does not sell personal data.

MiCode may share personal data only where this is necessary, lawful, and consistent with the purpose of the service.

We may share relevant personal data with emergency services or designated contacts when a MiCode is scanned. We may also use trusted third-party service providers, such as hosting providers, who process data on our behalf under strict contractual and security obligations.

Personal data may be shared in the following situations:

  • where a MiCode is scanned and the user has made information available through the QR code;
  • where information is made available to emergency responders, carers, support workers, healthcare staff, or others acting in support of the individual;
  • where emergency contact details are used to contact a person nominated by the user;
  • where MiCode uses trusted technical service providers, such as hosting, cloud, storage, email, communications, payment, or infrastructure providers;
  • where disclosure is required by law, regulation, court order, or a competent authority;
  • where sharing is necessary to protect the vital interests of the user or another person;
  • where sharing is necessary to investigate misuse, security issues, fraud, or unauthorised access.

MiCode may use third-party service providers to support the operation of the MiCode service. These providers process data on behalf of MiCode under contractual and security obligations.

MiCode remains responsible for managing these supplier relationships within the MiCode service environment.

11. International Data Transfers

MiCode will seek to ensure that personal data is stored and processed in locations that provide appropriate protection for personal data.

Where personal data is transferred outside Jersey or the UK, MiCode will ensure that appropriate safeguards are in place, such as Standard Contractual Clauses, adequacy regulations, recognised transfer mechanisms, contractual safeguards, or other measures required by applicable data protection law.

MiCode will review international transfer arrangements where relevant, particularly where third-party infrastructure, hosting, cloud, communications, storage, or technical service providers are used.

12. Security Measures

MiCode applies technical and organisational measures designed to protect personal data.

These may include:

  • secure hosting arrangements;
  • encryption in transit;
  • encryption-based protections where appropriate;
  • access controls;
  • restricted administrative access;
  • role-based access controls;
  • audit logging;
  • technical monitoring;
  • supplier management;
  • data minimisation;
  • confidentiality obligations for authorised personnel;
  • periodic review of security controls;
  • incident response procedures;
  • account management controls;
  • procedures for reviewing and responding to suspected unauthorised access.

MiCode recognises that health-related and emergency information carries particular sensitivity. Security measures are therefore continuously reviewed in light of the nature of the data, the risks to individuals, and the operational purpose of the service.

Access to personal data is limited to authorised personnel or approved service providers where access is necessary for the operation, security, support, maintenance, or lawful administration of the MiCode service.

No digital system can guarantee absolute security. However, MiCode aims to apply appropriate safeguards to reduce risk and protect the confidentiality, integrity, and availability of personal data.

13. Data Retention

MiCode will retain personal data only for as long as necessary for the purpose for which it was collected, or for as long as required for legal, operational, security, audit, contractual, or compliance reasons.

MiCode uses retention criteria rather than a single fixed retention period for all data, because different categories of information are processed for different purposes.

User profile information is normally retained while the user’s MiCode account remains active.

Where a user closes their account, withdraws consent, or requests deletion, MiCode will delete or anonymise personal data unless MiCode is required or permitted to retain it for legal, regulatory, security, dispute resolution, audit, or legitimate business purposes.

Account administration, support, fulfilment, transaction, technical log, audit, security, and compliance records may be retained for longer where needed for service operation, legal compliance, fraud prevention, security investigation, dispute resolution, or the establishment, exercise, or defence of legal claims.

The criteria used to decide retention periods include:

  • the purpose for which the information was collected;
  • whether the account remains active;
  • whether the information is needed to provide the service;
  • whether the information is needed for safety, security, or audit purposes;
  • whether there is a legal or regulatory requirement to keep the information;
  • whether the information is needed for customer support;
  • whether the information is needed for fulfilment or transaction records;
  • whether the information may be needed to establish, exercise, or defend legal claims.

MiCode will delete, anonymise, or restrict data when it is no longer required for the relevant purpose.

MiCode will keep retention practices under review and will not retain personal data for longer than necessary.

14. User Responsibilities

Users are responsible for deciding what information they place into their MiCode.

Users should ensure that information entered into MiCode is accurate, relevant, and kept up to date.

Users should review their emergency contacts and access settings regularly.

Where a user includes information about another person, such as an emergency contact, the user should ensure that the person is aware that their details have been included.

Where a user is supported by a carer, family member, professional, or trusted person to set up or manage a MiCode, that support should be provided in the user’s best interests and in accordance with any applicable consent, capacity, safeguarding, or legal requirements.

15. Data Subject Rights

Individuals have rights in relation to their personal data.

Depending on the circumstances and applicable law, these rights may include:

  • the right to access personal data;
  • the right to correct inaccurate information;
  • the right to request deletion;
  • the right to restrict processing;
  • the right to object to processing;
  • the right to data portability, where applicable;
  • the right to withdraw consent, where processing is based on consent;
  • the right to complain to a supervisory authority.

Users have the right to access, rectify, erase, restrict, or object to the processing of their personal data, and the right to data portability where applicable.

Requests can be made by contacting MiCode at:

james@micode.uk

MiCode may need to verify the identity of the person making the request before responding.

Users in the UK may complain to the UK Information Commissioner’s Office.

Users in Jersey may complain to the Jersey Office of the Information Commissioner where Jersey data protection law applies.

16. Personal Data Breaches

MiCode maintains procedures for identifying, assessing, managing, recording, and responding to personal data breaches.

If MiCode becomes aware of a personal data breach, it will assess the risk to individuals and take appropriate action.

Where required, MiCode will notify the relevant supervisory authority.

Where a personal data breach relates to personal data arising in Jersey and connected with MiCode services supplied through the Dementia Jersey arrangement, MiCode will notify Dementia Jersey immediately on becoming aware of the breach, where the breach is likely to affect individuals connected with that arrangement.

This notification to Dementia Jersey is separate from, and does not replace, any regulatory notification that MiCode may be required to make to the Jersey Office of the Information Commissioner, the UK Information Commissioner’s Office, or any other relevant supervisory authority.

Where a breach is likely to result in a high risk to individuals, MiCode will inform affected individuals where required by law.

MiCode may provide information in stages if all details are not immediately available.

All incidents will be recorded and reviewed so that appropriate steps can be taken to reduce the risk of recurrence.

17. Dementia Jersey’s Role

Dementia Jersey may help make MiCodes available to people it supports.

Under the agreed arrangement, Dementia Jersey acts as a distribution partner.

Dementia Jersey does not have routine access to individual MiCode user profiles or emergency medical information.

Dementia Jersey does not decide what information an individual places into their MiCode.

Dementia Jersey does not operate the MiCode platform.

Dementia Jersey does not use the MiCode organisation view under the agreed operating model.

Dementia Jersey does not become the controller or processor of the individual user’s MiCode emergency medical information simply because it purchases or distributes MiCodes.

If the arrangement changes in the future and Dementia Jersey is given access to identifiable user information, dashboards, reporting tools, communication tools, or administrative functions, MiCode will review the privacy, legal, and data governance position before such access is provided.

Any such change may require additional documentation, revised privacy wording, contractual amendments, data protection assessment, or regulatory review.

18. Children and Vulnerable Individuals

MiCode may be used by or for individuals who require additional support, including vulnerable adults, people living with dementia, or people who may need assistance in an emergency.

Where another person assists a user to set up or manage a MiCode, they should act in the best interests of the user and only enter information that is appropriate, accurate, and relevant.

Where consent, capacity, authority, or safeguarding considerations arise, these should be handled carefully and in accordance with applicable law and good practice.

MiCode is designed to support safety and access to important information, but it should not be treated as a substitute for professional medical records, care plans, clinical advice, safeguarding procedures, or emergency services.

19. Changes to this Policy

MiCode may update this policy from time to time.

This policy will be reviewed at least annually or sooner if:

  • the MiCode service changes materially;
  • the Dementia Jersey operating model changes;
  • data protection law or regulatory guidance changes;
  • security risks change;
  • a personal data breach or incident indicates that the policy should be updated;
  • MiCode introduces new access, communication, dashboard, or reporting functionality;
  • there is a material change in MiCode’s use of suppliers, hosting, infrastructure, or international data transfer arrangements.

The current version of this policy will be made available through MiCode’s usual communication channels.

20. Contact Details

For questions about this policy or about how MiCode handles personal data, please contact:

MiCode Ltd
Email: james@micode.uk
Website: www.micode.uk

Users may also contact the relevant supervisory authority where they have concerns about how their personal data has been handled.

If you want more information about how Dementia Jersey can support you, or details of their partnership with MiCode, please email info@dementia.je

21. Summary

MiCode is designed to help individuals manage and share important emergency medical information and emergency contact details.

The user decides what information to place into their MiCode.

MiCode operates the platform and protects the data processed through the service.

MiCode acts as controller or data controller for the operation of the MiCode service.

Dementia Jersey acts as a distribution partner and does not have routine access to individual users’ MiCode emergency medical information.

Dementia Jersey does not use the MiCode organisation view under the agreed operating model.

MiCode processes personal data in accordance with applicable UK and Jersey data protection requirements.

MiCode aims to protect privacy while supporting safety, emergency response, care, safeguarding, and appropriate access to important information.