Privacy Policy

Your privacy and data security are fundamental to our TRT management platform.

Last updated: 7/24/2025

Our Commitment to Privacy

We are committed to protecting your personal health information in accordance with GDPR, HIPAA, and other applicable privacy regulations. This policy explains how we collect, use, and protect your data.

1. Information We Collect

Personal Information

  • Name, email address, phone number, and date of birth
  • Address and emergency contact information
  • Payment information (processed securely by third parties)
  • Account credentials and preferences

Health Information

  • Medical history and current health conditions
  • Symptoms, treatment responses, and progress notes
  • Laboratory results and test data
  • Medication information and treatment protocols
  • Communication with healthcare providers

Technical Information

  • Device information and IP addresses
  • Usage patterns and platform interactions
  • Cookies and similar technologies
  • Log files and error reports

2. How We Use Your Information

Healthcare Services

  • Facilitating communication with healthcare providers
  • Tracking treatment progress and outcomes
  • Managing appointments and medication schedules
  • Providing personalized health insights

Platform Operations

  • Account management and authentication
  • Customer support and technical assistance
  • Platform improvement and feature development
  • Security monitoring and fraud prevention

3. Data Security Measures

Enterprise-Grade Security

We implement multiple layers of security to protect your sensitive health information.

  • End-to-end encryption for all data transmission
  • AES-256 encryption for data at rest
  • Multi-factor authentication for all accounts
  • Regular security audits and penetration testing
  • SOC 2 Type II compliance
  • Role-based access controls
  • Automated backup and disaster recovery

4. Data Sharing and Disclosure

With Your Consent

  • Healthcare providers involved in your care
  • Third parties you explicitly authorize
  • Research participation (anonymized data only)

Legal Requirements

  • Court orders and legal subpoenas
  • Regulatory compliance and audits
  • Public health requirements
  • Emergency situations to protect health/safety

5. Your Privacy Rights

Under GDPR (EU/UK)

  • Right to access your personal data
  • Right to rectify inaccurate information
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing

Under HIPAA (US)

  • Right to access your health information
  • Right to request amendments
  • Right to accounting of disclosures
  • Right to request restrictions
  • Right to file complaints

6. Data Retention

We retain your health information for as long as necessary to provide healthcare services and comply with legal requirements. Typically, this means:

  • Active account data: Duration of your subscription plus 7 years
  • Health records: Minimum 8 years after last treatment
  • Financial records: 7 years for tax and audit purposes
  • Technical logs: 2 years for security and troubleshooting

7. International Data Transfers

Your data is primarily stored in secure data centers within the UK and EU. When international transfers are necessary, we ensure appropriate safeguards are in place, including:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules where applicable
  • Explicit consent for specific transfers

8. Cookies and Tracking

We use cookies and similar technologies to improve your experience:

  • Essential cookies for platform functionality
  • Analytics cookies to understand usage patterns
  • Preference cookies to remember your settings
  • Security cookies to protect against fraud

9. Third-Party Services

We work with trusted third-party services that meet our security standards:

  • Cloud hosting providers (AWS, Google Cloud)
  • Payment processors (Stripe, PayPal)
  • Communication services (secure messaging)
  • Analytics platforms (anonymized data only)

10. Data Breach Response

In the unlikely event of a data breach, we will:

  • Notify affected individuals within 72 hours
  • Report to relevant regulatory authorities
  • Provide clear information about the breach
  • Offer support and remediation steps
  • Implement additional security measures

11. Contact Information

For privacy-related questions or to exercise your rights:

Data Protection Officer
Email: privacy@vitalisnexus.com
Address: Vitalis Nexus Ltd, 23 Mayflower St, Plymouth PL1 1QJ, United Kingdom
Phone: +44 7846 885007

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through our platform.
